dns-oarc/cryptopant
1
0
Fork 0
Code Issues Activity

Adding upstream version 1.3.1.

Browse source 
Signed-off-by: Daniel Baumann <daniel@debian.org>
This commit is contained in:
Daniel Baumann 2025-02-10 05:27:32 +01:00
parent 5296a60534
commit 99a6be27f1
Signed by: daniel
GPG key ID: FBB4F0E80A80222F
42 changed files with 56893 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

73
Makefile.am Normal file
View file

@ -0,0 +1,73 @@
lib_LTLIBRARIES = libcryptopANT.la
libcryptopANT_la_SOURCES = src/cryptopANT.c src/cryptopANT.h
libcryptopANT_la_LDFLAGS = -version-info @CRYPTOPANT_LIBRARY_VERSION@ -lcrypto
ACLOCAL_AMFLAGS = -I m4
include_HEADERS = src/cryptopANT.h
dist_man3_MANS = man/cryptopANT.3
if BUILD_SCRAMBLE_IPS
# these will be installed in BINDIR
bin_PROGRAMS = scramble_ips
scramble_ips_SOURCES = src/scramble_ips.c
scramble_ips_LDFLAGS = -L.libs -lcryptopANT
$(bin_PROGRAMS): $(lib_LTLIBRARIES)
endif
TESTS_BINARY = .libs/scramble_ips
EXTRA_DIST = test/ip* test/keyfile*
CMP = cmp -s
# variables to control test time
HEAD6S=1000
HEAD6R=1000
.PHONY: test
.PHONY: test_bf test_aes test_sha1 test_md5
.PHONY: test_one_bf test_one_aes test_one_sha1 test_one_md5
test: test_bf test_aes test_sha1 test_md5
test_bf: T=blowfish
test_bf: HEAD6S=100
test_bf: HEAD6R=10
test_bf: all test_one_bf
test_aes: T=aes
test_aes: all test_one_aes
test_sha1: T=sha1
test_sha1: all test_one_sha1
test_md5: T=md5
test_md5: all test_one_md5
test_one_aes test_one_bf test_one_sha1 test_one_md5:
@test -x ./scramble_ips || { \
echo "scramble_ips binary wasn't built, run './configure --with-scramble_ips'"; \
exit 1; \
}
@echo "testing crypto $T"
@./scramble_ips test/keyfile.$(T) <test/ip4s | $(CMP) test/ip4s.anon.$(T) - \
&& echo " ipv4 scrambling test PASSED" \
|| echo " ipv4 scrambling test FAILED"
@./scramble_ips test/keyfile.$(T) <test/ip6s \
| head -n $(HEAD6S) | $(CMP) <(head -n $(HEAD6S) test/ip6s.anon.$(T)) - \
&& echo " ipv6 scrambling test PASSED" \
|| echo " ipv6 scrambling test FAILED"
@./scramble_ips -r test/keyfile.$(T) <test/ip4s.anon.$(T) | $(CMP) test/ip4s - \
&& echo " ipv4 descrambling test PASSED" \
|| echo " ipv4 descrambling test FAILED"
@./scramble_ips -r test/keyfile.$(T) <test/ip6s.anon.$(T) \
| head -n $(HEAD6R) | $(CMP) <(head -n $(HEAD6R) test/ip6s) - \
&& echo " ipv6 descrambling test PASSED" \
|| echo " ipv6 descrambling test FAILED"
.PHONY: check
check: test
.PHONY: rpmbuild
rpmbuild: dist
cp $(distdir).tar.gz ~/rpmbuild/SOURCES
cp cryptopANT.spec ~/rpmbuild/SPECS
rpmbuild -ba ~/rpmbuild/SPECS/cryptopANT.spec

1087
Makefile.in Normal file
View file

File diff suppressed because it is too large Load diff

46
README.md Normal file
View file

@ -0,0 +1,46 @@
# CryptoPANT
CryptopANT is a C library for IP address anonymization using crypto-PAn
algorithm, originally defined by Georgia Tech.
The library supports anonymization and de-anonymization (provided you possess a
secret key) of IPv4, IPv6, and MAC addresses.
The software release includes
sample utilities that anonymize IP addresses in text,
but we expect most use of the library will be as part of other programs.
The Crypto-PAn anonymization scheme was developed by Xu, Fan, Ammar, and Moon at Georgia Tech and described
in <a href='http://authors.elsevier.com/sd/article/S1389128604001197'>
"Prefix-Preserving IP Address Anonymization", Computer Networks,
Volume 46, Issue 2, 7 October 2004, Pages 253-272, Elsevier</a>.
Our library is independent (and not binary compatible) of theirs.
# Building CryptopANT
To build cryptopANT:
./configure --with-scramble_ips
make
sudo make install
or if building from git, start with:
./autogen.sh
# Crypto algorithms used
Our library supports several pluggable crypto algorithms for anonymization.
Currently supported are:
* AES
* SHA1
* Blowfish
* MD5
These algorithms come from openssl library.
Beginning v1.4.0 cryptopANT when creating new keys will use AES by default
as preferred crypto. Previously, it was defaulting to Blowfish. The reason for switch
is that after switching to openssl v3 api (EVP), we noticed a marked slowdown in Blowfish.
Old keys using Blowfish will still remain usable, but if the performance is too slow, we
advise switching to new keys using AES or sticking with an older version of cryptopANT.

1218
aclocal.m4 vendored Normal file
View file

File diff suppressed because it is too large Load diff

271
ar-lib Executable file
View file

@ -0,0 +1,271 @@
#! /bin/sh
# Wrapper for Microsoft lib.exe
me=ar-lib
scriptversion=2019-07-04.01; # UTC
# Copyright (C) 2010-2021 Free Software Foundation, Inc.
# Written by Peter Rosin <peda@lysator.liu.se>.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
# configuration script generated by Autoconf, you may include it under
# the same distribution terms that you use for the rest of that program.
# This file is maintained in Automake, please report
# bugs to <bug-automake@gnu.org> or send patches to
# <automake-patches@gnu.org>.
# func_error message
func_error ()
{
echo "$me: $1" 1>&2
exit 1
}
file_conv=
# func_file_conv build_file
# Convert a $build file to $host form and store it in $file
# Currently only supports Windows hosts.
func_file_conv ()
{
file=$1
case $file in
/ | /[!/]*) # absolute file, and not a UNC file
if test -z "$file_conv"; then
# lazily determine how to convert abs files
case `uname -s` in
MINGW*)
file_conv=mingw
;;
CYGWIN* | MSYS*)
file_conv=cygwin
;;
*)
file_conv=wine
;;
esac
fi
case $file_conv in
mingw)
file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'`
;;
cygwin | msys)
file=`cygpath -m "$file" || echo "$file"`
;;
wine)
file=`winepath -w "$file" || echo "$file"`
;;
esac
;;
esac
}
# func_at_file at_file operation archive
# Iterate over all members in AT_FILE performing OPERATION on ARCHIVE
# for each of them.
# When interpreting the content of the @FILE, do NOT use func_file_conv,
# since the user would need to supply preconverted file names to
# binutils ar, at least for MinGW.
func_at_file ()
{
operation=$2
archive=$3
at_file_contents=`cat "$1"`
eval set x "$at_file_contents"
shift
for member
do
$AR -NOLOGO $operation:"$member" "$archive" || exit $?
done
}
case $1 in
'')
func_error "no command. Try '$0 --help' for more information."
;;
-h | --h*)
cat <<EOF
Usage: $me [--help] [--version] PROGRAM ACTION ARCHIVE [MEMBER...]
Members may be specified in a file named with @FILE.
EOF
exit $?
;;
-v | --v*)
echo "$me, version $scriptversion"
exit $?
;;
esac
if test $# -lt 3; then
func_error "you must specify a program, an action and an archive"
fi
AR=$1
shift
while :
do
if test $# -lt 2; then
func_error "you must specify a program, an action and an archive"
fi
case $1 in
-lib | -LIB \
| -ltcg | -LTCG \
| -machine* | -MACHINE* \
| -subsystem* | -SUBSYSTEM* \
| -verbose | -VERBOSE \
| -wx* | -WX* )
AR="$AR $1"
shift
;;
*)
action=$1
shift
break
;;
esac
done
orig_archive=$1
shift
func_file_conv "$orig_archive"
archive=$file
# strip leading dash in $action
action=${action#-}
delete=
extract=
list=
quick=
replace=
index=
create=
while test -n "$action"
do
case $action in
d*) delete=yes ;;
x*) extract=yes ;;
t*) list=yes ;;
q*) quick=yes ;;
r*) replace=yes ;;
s*) index=yes ;;
S*) ;; # the index is always updated implicitly
c*) create=yes ;;
u*) ;; # TODO: don't ignore the update modifier
v*) ;; # TODO: don't ignore the verbose modifier
*)
func_error "unknown action specified"
;;
esac
action=${action#?}
done
case $delete$extract$list$quick$replace,$index in
yes,* | ,yes)
;;
yesyes*)
func_error "more than one action specified"
;;
*)
func_error "no action specified"
;;
esac
if test -n "$delete"; then
if test ! -f "$orig_archive"; then
func_error "archive not found"
fi
for member
do
case $1 in
@*)
func_at_file "${1#@}" -REMOVE "$archive"
;;
*)
func_file_conv "$1"
$AR -NOLOGO -REMOVE:"$file" "$archive" || exit $?
;;
esac
done
elif test -n "$extract"; then
if test ! -f "$orig_archive"; then
func_error "archive not found"
fi
if test $# -gt 0; then
for member
do
case $1 in
@*)
func_at_file "${1#@}" -EXTRACT "$archive"
;;
*)
func_file_conv "$1"
$AR -NOLOGO -EXTRACT:"$file" "$archive" || exit $?
;;
esac
done
else
$AR -NOLOGO -LIST "$archive" | tr -d '\r' | sed -e 's/\\/\\\\/g' \
| while read member
do
$AR -NOLOGO -EXTRACT:"$member" "$archive" || exit $?
done
fi
elif test -n "$quick$replace"; then
if test ! -f "$orig_archive"; then
if test -z "$create"; then
echo "$me: creating $orig_archive"
fi
orig_archive=
else
orig_archive=$archive
fi
for member
do
case $1 in
@*)
func_file_conv "${1#@}"
set x "$@" "@$file"
;;
*)
func_file_conv "$1"
set x "$@" "$file"
;;
esac
shift
shift
done
if test -n "$orig_archive"; then
$AR -NOLOGO -OUT:"$archive" "$orig_archive" "$@" || exit $?
else
$AR -NOLOGO -OUT:"$archive" "$@" || exit $?
fi
elif test -n "$list"; then
if test ! -f "$orig_archive"; then
func_error "archive not found"
fi
$AR -NOLOGO -LIST "$archive" || exit $?
fi

348
compile Executable file
View file

@ -0,0 +1,348 @@
#! /bin/sh
# Wrapper for compilers which do not understand '-c -o'.
scriptversion=2018-03-07.03; # UTC
# Copyright (C) 1999-2021 Free Software Foundation, Inc.
# Written by Tom Tromey <tromey@cygnus.com>.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
# configuration script generated by Autoconf, you may include it under
# the same distribution terms that you use for the rest of that program.
# This file is maintained in Automake, please report
# bugs to <bug-automake@gnu.org> or send patches to
# <automake-patches@gnu.org>.
nl='
'
# We need space, tab and new line, in precisely that order. Quoting is
# there to prevent tools from complaining about whitespace usage.
IFS=" "" $nl"
file_conv=
# func_file_conv build_file lazy
# Convert a $build file to $host form and store it in $file
# Currently only supports Windows hosts. If the determined conversion
# type is listed in (the comma separated) LAZY, no conversion will
# take place.
func_file_conv ()
{
file=$1
case $file in
/ | /[!/]*) # absolute file, and not a UNC file
if test -z "$file_conv"; then
# lazily determine how to convert abs files
case `uname -s` in
MINGW*)
file_conv=mingw
;;
CYGWIN* | MSYS*)
file_conv=cygwin
;;
*)
file_conv=wine
;;
esac
fi
case $file_conv/,$2, in
*,$file_conv,*)
;;
mingw/*)
file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'`
;;
cygwin/* | msys/*)
file=`cygpath -m "$file" || echo "$file"`
;;
wine/*)
file=`winepath -w "$file" || echo "$file"`
;;
esac
;;
esac
}
# func_cl_dashL linkdir
# Make cl look for libraries in LINKDIR
func_cl_dashL ()
{
func_file_conv "$1"
if test -z "$lib_path"; then
lib_path=$file
else
lib_path="$lib_path;$file"
fi
linker_opts="$linker_opts -LIBPATH:$file"
}
# func_cl_dashl library
# Do a library search-path lookup for cl
func_cl_dashl ()
{
lib=$1
found=no
save_IFS=$IFS
IFS=';'
for dir in $lib_path $LIB
do
IFS=$save_IFS
if $shared && test -f "$dir/$lib.dll.lib"; then
found=yes
lib=$dir/$lib.dll.lib
break
fi
if test -f "$dir/$lib.lib"; then
found=yes
lib=$dir/$lib.lib
break
fi
if test -f "$dir/lib$lib.a"; then
found=yes
lib=$dir/lib$lib.a
break
fi
done
IFS=$save_IFS
if test "$found" != yes; then
lib=$lib.lib
fi
}
# func_cl_wrapper cl arg...
# Adjust compile command to suit cl
func_cl_wrapper ()
{
# Assume a capable shell
lib_path=
shared=:
linker_opts=
for arg
do
if test -n "$eat"; then
eat=
else
case $1 in
-o)
# configure might choose to run compile as 'compile cc -o foo foo.c'.
eat=1
case $2 in
*.o | *.[oO][bB][jJ])
func_file_conv "$2"
set x "$@" -Fo"$file"
shift
;;
*)
func_file_conv "$2"
set x "$@" -Fe"$file"
shift
;;
esac
;;
-I)
eat=1
func_file_conv "$2" mingw
set x "$@" -I"$file"
shift
;;
-I*)
func_file_conv "${1#-I}" mingw
set x "$@" -I"$file"
shift
;;
-l)
eat=1
func_cl_dashl "$2"
set x "$@" "$lib"
shift
;;
-l*)
func_cl_dashl "${1#-l}"
set x "$@" "$lib"
shift
;;
-L)
eat=1
func_cl_dashL "$2"
;;
-L*)
func_cl_dashL "${1#-L}"
;;
-static)
shared=false
;;
-Wl,*)
arg=${1#-Wl,}
save_ifs="$IFS"; IFS=','
for flag in $arg; do
IFS="$save_ifs"
linker_opts="$linker_opts $flag"
done
IFS="$save_ifs"
;;
-Xlinker)
eat=1
linker_opts="$linker_opts $2"
;;
-*)
set x "$@" "$1"
shift
;;
*.cc | *.CC | *.cxx | *.CXX | *.[cC]++)
func_file_conv "$1"
set x "$@" -Tp"$file"
shift
;;
*.c | *.cpp | *.CPP | *.lib | *.LIB | *.Lib | *.OBJ | *.obj | *.[oO])
func_file_conv "$1" mingw
set x "$@" "$file"
shift
;;
*)
set x "$@" "$1"
shift
;;
esac
fi
shift
done
if test -n "$linker_opts"; then
linker_opts="-link$linker_opts"
fi
exec "$@" $linker_opts
exit 1
}
eat=
case $1 in
'')
echo "$0: No command. Try '$0 --help' for more information." 1>&2
exit 1;
;;
-h | --h*)
cat <<\EOF
Usage: compile [--help] [--version] PROGRAM [ARGS]
Wrapper for compilers which do not understand '-c -o'.
Remove '-o dest.o' from ARGS, run PROGRAM with the remaining
arguments, and rename the output as expected.
If you are trying to build a whole package this is not the
right script to run: please start by reading the file 'INSTALL'.
Report bugs to <bug-automake@gnu.org>.
EOF
exit $?
;;
-v | --v*)
echo "compile $scriptversion"
exit $?
;;
cl | *[/\\]cl | cl.exe | *[/\\]cl.exe | \
icl | *[/\\]icl | icl.exe | *[/\\]icl.exe )
func_cl_wrapper "$@" # Doesn't return...
;;
esac
ofile=
cfile=
for arg
do
if test -n "$eat"; then
eat=
else
case $1 in
-o)
# configure might choose to run compile as 'compile cc -o foo foo.c'.
# So we strip '-o arg' only if arg is an object.
eat=1
case $2 in
*.o | *.obj)
ofile=$2
;;
*)
set x "$@" -o "$2"
shift
;;
esac
;;
*.c)
cfile=$1
set x "$@" "$1"
shift
;;
*)
set x "$@" "$1"
shift
;;
esac
fi
shift
done
if test -z "$ofile" || test -z "$cfile"; then
# If no '-o' option was seen then we might have been invoked from a
# pattern rule where we don't need one. That is ok -- this is a
# normal compilation that the losing compiler can handle. If no
# '.c' file was seen then we are probably linking. That is also
# ok.
exec "$@"
fi
# Name of file we expect compiler to create.
cofile=`echo "$cfile" | sed 's|^.*[\\/]||; s|^[a-zA-Z]:||; s/\.c$/.o/'`
# Create the lock directory.
# Note: use '[/\\:.-]' here to ensure that we don't use the same name
# that we are using for the .o file. Also, base the name on the expected
# object file name, since that is what matters with a parallel build.
lockdir=`echo "$cofile" | sed -e 's|[/\\:.-]|_|g'`.d
while true; do
if mkdir "$lockdir" >/dev/null 2>&1; then
break
fi
sleep 1
done
# FIXME: race condition here if user kills between mkdir and trap.
trap "rmdir '$lockdir'; exit 1" 1 2 15
# Run the compile.
"$@"
ret=$?
if test -f "$cofile"; then
test "$cofile" = "$ofile" || mv "$cofile" "$ofile"
elif test -f "${cofile}bj"; then
test "${cofile}bj" = "$ofile" || mv "${cofile}bj" "$ofile"
fi
rmdir "$lockdir"
exit $ret
# Local Variables:
# mode: shell-script
# sh-indentation: 2
# eval: (add-hook 'before-save-hook 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC0"
# time-stamp-end: "; # UTC"
# End:

1774
config.guess vendored Executable file
View file

File diff suppressed because it is too large Load diff

1907
config.sub vendored Executable file
View file

File diff suppressed because it is too large Load diff

16034
configure vendored Executable file
View file

File diff suppressed because it is too large Load diff

107
configure.ac Normal file
View file

@ -0,0 +1,107 @@
m4_define([cryptopANT_major_version], [1])
m4_define([cryptopANT_minor_version], [3])
m4_define([cryptopANT_micro_version], [1])
m4_define([cryptopANT_version], [cryptopANT_major_version.cryptopANT_minor_version.cryptopANT_micro_version])
#format: current:revision:age
#If the library source code has changed at all since the last update, then increment revision (c:r:a becomes c:r+1:a).
#If any interfaces have been added, removed, or changed since the last update, increment current, and set revision to 0.
#If any interfaces have been added since the last public release, then increment age.
#If any interfaces have been removed or changed since the last public release, then set age to 0.
#see also https://autotools.io/libtool/version.html
m4_define([cryptopANT_library_version], ["1:4:0"])
AC_INIT([cryptopANT], [cryptopANT_version], [ant@isi.edu], [cryptopANT])
dnl m4_pattern_allow(AC_CONFIG_MACRO_DIRS)
AC_CONFIG_MACRO_DIR([m4])
AC_CONFIG_HEADERS([src/config.h])
AC_PROG_CC
AC_C_BIGENDIAN()
AM_PROG_CC_C_O
# Check headers
AC_CHECK_HEADERS([openssl/blowfish.h], HAVE_OPENSSL=1, HAVE_OPENSSL=0)
AC_CHECK_HEADERS([openssl/sha.h],, HAVE_OPENSSL=0)
AC_CHECK_HEADERS([openssl/aes.h],, HAVE_OPENSSL=0)
AC_CHECK_HEADERS([openssl/md5.h],, HAVE_OPENSSL=0)
AC_CHECK_HEADERS([openssl/evp.h],, HAVE_OPENSSL=0)
AC_CHECK_HEADERS([openssl/provider.h],, HAVE_OPENSSL=0)
AC_CHECK_HEADERS([openssl/err.h],, HAVE_OPENSSL=0)
AC_CHECK_HEADERS([openssl/core_names.h],, HAVE_OPENSSL=0)
# Check for POSIX regular expressions support.
AC_CHECK_HEADERS([regex.h], HAVE_REGEX_H=1, HAVE_REGEX_H=0)
if test "x$HAVE_REGEX_H" = "x1"; then
AC_CHECK_FUNCS([regcomp regexec],, HAVE_REGEX=0)
else
HAVE_REGEX=0
fi
if test "x$HAVE_REGEX_H" = "x0"; then
AC_MSG_FAILURE([regex library is not found: make sure glibc-devel is installed])
fi
if test "x$HAVE_OPENSSL_H" = "x0"; then
AC_MSG_FAILURE([ssl is not found: make sure openssl-devel is installed])
fi
AC_CHECK_LIB([crypto], [EVP_CIPHER_CTX_new],, HAVE_OPENSSL=0)
AC_CHECK_LIB([crypto], [EVP_MD_CTX_new],, HAVE_OPENSSL=0)
if test "x$HAVE_OPENSSL" = "x0"; then
AC_MSG_FAILURE([ssl is not found: make sure openssl library version 3.1.0 or higher is installed])
fi
AC_DEFINE([HAVE_S6_ADDR32], [0], [S6_ADDR32 is present in in6_addr when defined])
AC_DEFINE([HAVE__U6_ADDR32], [0], [U6_ADDR32 is present in in6_addr when defined])
AC_CHECK_MEMBER([struct in6_addr.s6_addr32],
[AC_DEFINE([HAVE_S6_ADDR32], [1])],
[
AC_CHECK_MEMBER([struct in6_addr.__u6_addr.__u6_addr32],
[AC_DEFINE([HAVE__U6_ADDR32], [1])],
[AC_MSG_ERROR([CAN'T find s6_addr32])],
[#include <netinet/in.h>])
], [#include <netinet/in.h>])
AC_CHECK_FUNCS([strlcpy])
AC_C_CONST
AC_TYPE_SIZE_T
AC_TYPE_UINT32_T
# Check --enable-warn-all
AC_ARG_ENABLE([warn-all], [AS_HELP_STRING([--enable-warn-all], [Enable all compiler warnings])], [AX_CFLAGS_WARN_ALL()])
# Check --with-extra-cflags
AC_ARG_WITH([extra-cflags], [AS_HELP_STRING([--with-extra-cflags=CFLAGS], [Add extra CFLAGS])], [
AC_MSG_NOTICE([appending extra CFLAGS... $withval])
AS_VAR_APPEND(CFLAGS, [" $withval"])
])
# Check --with-extra-ldflags
AC_ARG_WITH([extra-ldflags], [AS_HELP_STRING([--with-extra-ldflags=CFLAGS], [Add extra LDFLAGS])], [
AC_MSG_NOTICE([appending extra LDFLAGS... $withval])
AS_VAR_APPEND(LDFLAGS, [" $withval"])
])
# Check --with-scramble_ips
build_scramble_ips=no
AC_ARG_WITH([scramble_ips], [AS_HELP_STRING([--with-scramble_ips], [Also build scramble_ips tool])], [
build_scramble_ips=$withval
AS_IF([test "x$build_scramble_ips" = "xyes"],
[AC_MSG_NOTICE([Building tool "scramble_ips"])],
[AC_MSG_NOTICE([Not building tool "scramble_ips"])]
)
])
AM_CONDITIONAL([BUILD_SCRAMBLE_IPS], [test "x$build_scramble_ips" = "xyes"])
AC_CONFIG_FILES([Makefile cryptopANT.spec])
AC_ENABLE_SHARED
AC_ENABLE_STATIC
AM_INIT_AUTOMAKE([-Wall -Werror foreign subdir-objects])
m4_ifdef([AM_PROG_AR], [AM_PROG_AR])
LT_INIT
AC_SUBST([PACKAGE_VERSION], [cryptopANT_version])
AC_SUBST([PACKAGE_VERSION_MAJOR], [cryptopANT_major_version])
AC_SUBST([PACKAGE_VERSION_MINOR], [cryptopANT_minor_version])
AC_SUBST([PACKAGE_VERSION_MICRO], [cryptopANT_micro_version])
AC_SUBST([CRYPTOPANT_LIBRARY_VERSION], [cryptopANT_library_version])
AC_OUTPUT

57
cryptopANT.spec.in Normal file
View file

@ -0,0 +1,57 @@
%define name cryptopANT
%define version @PACKAGE_VERSION@
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Summary: IP address anonymization library and utils
License: GPL
URL: http://ant.isi.edu/software/cryptopANT/index.html
Name: %{name}
Version: %{version}
Release: 1
Source: %{name}-%{version}.tar.gz
Packager: yuri@isi.edu
Prefix: /usr
Group: System/Libraries
BuildRequires: gcc glibc-headers
BuildRequires: openssl-devel >= 1.3.0
BuildRequires: autoconf automake libtool
Requires: openssl >= 1.3.0
%description
cryptopANT is a library for ip address anonymization. It implements a
widely used prefix-preserving technique known as "cryptopan". This is
ANT's project implementation of this technique for anonymization of ipv4
and ipv6 addresses.
%prep
%setup -q
%build
%configure --with-scramble_ips
make
%install
rm -rf $RPM_BUILD_ROOT
make install DESTDIR=%{buildroot}
libtool --finish %{_libdir}
%clean
rm -rf $RPM_BUILD_ROOT
%post
/sbin/ldconfig
%postun
/sbin/ldconfig
%files
%defattr(-,root,root,-)
%{_includedir}/*
%{_libdir}/*.so
%{_libdir}/*.so.*
%{_libdir}/*.a
%{_bindir}/scramble_ips
%{_mandir}/man3/*
%changelog
* Mon Mar 25 2024 Yuri Pradkin <yuri@isi.edu> - 1.4.1
- Fixed blowfish regression introduced in 1.4.0

791
depcomp Executable file
View file

@ -0,0 +1,791 @@
#! /bin/sh
# depcomp - compile a program generating dependencies as side-effects
scriptversion=2018-03-07.03; # UTC
# Copyright (C) 1999-2021 Free Software Foundation, Inc.
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
# configuration script generated by Autoconf, you may include it under
# the same distribution terms that you use for the rest of that program.
# Originally written by Alexandre Oliva <oliva@dcc.unicamp.br>.
case $1 in
'')
echo "$0: No command. Try '$0 --help' for more information." 1>&2
exit 1;
;;
-h | --h*)
cat <<\EOF
Usage: depcomp [--help] [--version] PROGRAM [ARGS]
Run PROGRAMS ARGS to compile a file, generating dependencies
as side-effects.
Environment variables:
depmode Dependency tracking mode.
source Source file read by 'PROGRAMS ARGS'.
object Object file output by 'PROGRAMS ARGS'.
DEPDIR directory where to store dependencies.
depfile Dependency file to output.
tmpdepfile Temporary file to use when outputting dependencies.
libtool Whether libtool is used (yes/no).
Report bugs to <bug-automake@gnu.org>.
EOF
exit $?
;;
-v | --v*)
echo "depcomp $scriptversion"
exit $?
;;
esac
# Get the directory component of the given path, and save it in the
# global variables '$dir'. Note that this directory component will
# be either empty or ending with a '/' character. This is deliberate.
set_dir_from ()
{
case $1 in
*/*) dir=`echo "$1" | sed -e 's|/[^/]*$|/|'`;;
*) dir=;;
esac
}
# Get the suffix-stripped basename of the given path, and save it the
# global variable '$base'.
set_base_from ()
{
base=`echo "$1" | sed -e 's|^.*/||' -e 's/\.[^.]*$//'`
}
# If no dependency file was actually created by the compiler invocation,
# we still have to create a dummy depfile, to avoid errors with the
# Makefile "include basename.Plo" scheme.
make_dummy_depfile ()
{
echo "#dummy" > "$depfile"
}
# Factor out some common post-processing of the generated depfile.
# Requires the auxiliary global variable '$tmpdepfile' to be set.
aix_post_process_depfile ()
{
# If the compiler actually managed to produce a dependency file,
# post-process it.
if test -f "$tmpdepfile"; then
# Each line is of the form 'foo.o: dependency.h'.
# Do two passes, one to just change these to
# $object: dependency.h
# and one to simply output
# dependency.h:
# which is needed to avoid the deleted-header problem.
{ sed -e "s,^.*\.[$lower]*:,$object:," < "$tmpdepfile"
sed -e "s,^.*\.[$lower]*:[$tab ]*,," -e 's,$,:,' < "$tmpdepfile"
} > "$depfile"
rm -f "$tmpdepfile"
else
make_dummy_depfile
fi
}
# A tabulation character.
tab=' '
# A newline character.
nl='
'
# Character ranges might be problematic outside the C locale.
# These definitions help.
upper=ABCDEFGHIJKLMNOPQRSTUVWXYZ
lower=abcdefghijklmnopqrstuvwxyz
digits=0123456789
alpha=${upper}${lower}
if test -z "$depmode" || test -z "$source" || test -z "$object"; then
echo "depcomp: Variables source, object and depmode must be set" 1>&2
exit 1
fi
# Dependencies for sub/bar.o or sub/bar.obj go into sub/.deps/bar.Po.
depfile=${depfile-`echo "$object" |
sed 's|[^\\/]*$|'${DEPDIR-.deps}'/&|;s|\.\([^.]*\)$|.P\1|;s|Pobj$|Po|'`}
tmpdepfile=${tmpdepfile-`echo "$depfile" | sed 's/\.\([^.]*\)$/.T\1/'`}
rm -f "$tmpdepfile"
# Avoid interferences from the environment.
gccflag= dashmflag=
# Some modes work just like other modes, but use different flags. We
# parameterize here, but still list the modes in the big case below,
# to make depend.m4 easier to write. Note that we *cannot* use a case
# here, because this file can only contain one case statement.
if test "$depmode" = hp; then
# HP compiler uses -M and no extra arg.
gccflag=-M
depmode=gcc
fi
if test "$depmode" = dashXmstdout; then
# This is just like dashmstdout with a different argument.
dashmflag=-xM
depmode=dashmstdout
fi
cygpath_u="cygpath -u -f -"
if test "$depmode" = msvcmsys; then
# This is just like msvisualcpp but w/o cygpath translation.
# Just convert the backslash-escaped backslashes to single forward
# slashes to satisfy depend.m4
cygpath_u='sed s,\\\\,/,g'
depmode=msvisualcpp
fi
if test "$depmode" = msvc7msys; then
# This is just like msvc7 but w/o cygpath translation.
# Just convert the backslash-escaped backslashes to single forward
# slashes to satisfy depend.m4
cygpath_u='sed s,\\\\,/,g'
depmode=msvc7
fi
if test "$depmode" = xlc; then
# IBM C/C++ Compilers xlc/xlC can output gcc-like dependency information.
gccflag=-qmakedep=gcc,-MF
depmode=gcc
fi
case "$depmode" in
gcc3)
## gcc 3 implements dependency tracking that does exactly what
## we want. Yay! Note: for some reason libtool 1.4 doesn't like
## it if -MD -MP comes after the -MF stuff. Hmm.
## Unfortunately, FreeBSD c89 acceptance of flags depends upon
## the command line argument order; so add the flags where they
## appear in depend2.am. Note that the slowdown incurred here
## affects only configure: in makefiles, %FASTDEP% shortcuts this.
for arg
do
case $arg in
-c) set fnord "$@" -MT "$object" -MD -MP -MF "$tmpdepfile" "$arg" ;;
*) set fnord "$@" "$arg" ;;
esac
shift # fnord
shift # $arg
done
"$@"
stat=$?
if test $stat -ne 0; then
rm -f "$tmpdepfile"
exit $stat
fi
mv "$tmpdepfile" "$depfile"
;;
gcc)
## Note that this doesn't just cater to obsosete pre-3.x GCC compilers.
## but also to in-use compilers like IMB xlc/xlC and the HP C compiler.
## (see the conditional assignment to $gccflag above).
## There are various ways to get dependency output from gcc. Here's
## why we pick this rather obscure method:
## - Don't want to use -MD because we'd like the dependencies to end
## up in a subdir. Having to rename by hand is ugly.
## (We might end up doing this anyway to support other compilers.)
## - The DEPENDENCIES_OUTPUT environment variable makes gcc act like
## -MM, not -M (despite what the docs say). Also, it might not be
## supported by the other compilers which use the 'gcc' depmode.
## - Using -M directly means running the compiler twice (even worse
## than renaming).
if test -z "$gccflag"; then
gccflag=-MD,
fi
"$@" -Wp,"$gccflag$tmpdepfile"
stat=$?
if test $stat -ne 0; then
rm -f "$tmpdepfile"
exit $stat
fi
rm -f "$depfile"
echo "$object : \\" > "$depfile"
# The second -e expression handles DOS-style file names with drive
# letters.
sed -e 's/^[^:]*: / /' \
-e 's/^['$alpha']:\/[^:]*: / /' < "$tmpdepfile" >> "$depfile"
## This next piece of magic avoids the "deleted header file" problem.
## The problem is that when a header file which appears in a .P file
## is deleted, the dependency causes make to die (because there is
## typically no way to rebuild the header). We avoid this by adding
## dummy dependencies for each header file. Too bad gcc doesn't do
## this for us directly.
## Some versions of gcc put a space before the ':'. On the theory
## that the space means something, we add a space to the output as
## well. hp depmode also adds that space, but also prefixes the VPATH
## to the object. Take care to not repeat it in the output.
## Some versions of the HPUX 10.20 sed can't process this invocation
## correctly. Breaking it into two sed invocations is a workaround.
tr ' ' "$nl" < "$tmpdepfile" \
| sed -e 's/^\\$//' -e '/^$/d' -e "s|.*$object$||" -e '/:$/d' \
| sed -e 's/$/ :/' >> "$depfile"
rm -f "$tmpdepfile"
;;
hp)
# This case exists only to let depend.m4 do its work. It works by
# looking at the text of this script. This case will never be run,
# since it is checked for above.
exit 1
;;
sgi)
if test "$libtool" = yes; then
"$@" "-Wp,-MDupdate,$tmpdepfile"
else
"$@" -MDupdate "$tmpdepfile"
fi
stat=$?
if test $stat -ne 0; then
rm -f "$tmpdepfile"
exit $stat
fi
rm -f "$depfile"
if test -f "$tmpdepfile"; then # yes, the sourcefile depend on other files
echo "$object : \\" > "$depfile"
# Clip off the initial element (the dependent). Don't try to be
# clever and replace this with sed code, as IRIX sed won't handle
# lines with more than a fixed number of characters (4096 in
# IRIX 6.2 sed, 8192 in IRIX 6.5). We also remove comment lines;
# the IRIX cc adds comments like '#:fec' to the end of the
# dependency line.
tr ' ' "$nl" < "$tmpdepfile" \
| sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' \
| tr "$nl" ' ' >> "$depfile"
echo >> "$depfile"
# The second pass generates a dummy entry for each header file.
tr ' ' "$nl" < "$tmpdepfile" \
| sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \
>> "$depfile"
else
make_dummy_depfile
fi
rm -f "$tmpdepfile"
;;
xlc)
# This case exists only to let depend.m4 do its work. It works by
# looking at the text of this script. This case will never be run,
# since it is checked for above.
exit 1
;;
aix)
# The C for AIX Compiler uses -M and outputs the dependencies
# in a .u file. In older versions, this file always lives in the
# current directory. Also, the AIX compiler puts '$object:' at the
# start of each line; $object doesn't have directory information.
# Version 6 uses the directory in both cases.
set_dir_from "$object"
set_base_from "$object"
if test "$libtool" = yes; then
tmpdepfile1=$dir$base.u
tmpdepfile2=$base.u
tmpdepfile3=$dir.libs/$base.u
"$@" -Wc,-M
else
tmpdepfile1=$dir$base.u
tmpdepfile2=$dir$base.u
tmpdepfile3=$dir$base.u
"$@" -M
fi
stat=$?
if test $stat -ne 0; then
rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
exit $stat
fi
for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
do
test -f "$tmpdepfile" && break
done
aix_post_process_depfile
;;
tcc)
# tcc (Tiny C Compiler) understand '-MD -MF file' since version 0.9.26
# FIXME: That version still under development at the moment of writing.
# Make that this statement remains true also for stable, released
# versions.
# It will wrap lines (doesn't matter whether long or short) with a
# trailing '\', as in:
#
# foo.o : \
# foo.c \
# foo.h \
#
# It will put a trailing '\' even on the last line, and will use leading
# spaces rather than leading tabs (at least since its commit 0394caf7
# "Emit spaces for -MD").
"$@" -MD -MF "$tmpdepfile"
stat=$?
if test $stat -ne 0; then
rm -f "$tmpdepfile"
exit $stat
fi
rm -f "$depfile"
# Each non-empty line is of the form 'foo.o : \' or ' dep.h \'.
# We have to change lines of the first kind to '$object: \'.
sed -e "s|.*:|$object :|" < "$tmpdepfile" > "$depfile"
# And for each line of the second kind, we have to emit a 'dep.h:'
# dummy dependency, to avoid the deleted-header problem.
sed -n -e 's|^ *\(.*\) *\\$|\1:|p' < "$tmpdepfile" >> "$depfile"
rm -f "$tmpdepfile"
;;
## The order of this option in the case statement is important, since the
## shell code in configure will try each of these formats in the order
## listed in this file. A plain '-MD' option would be understood by many
## compilers, so we must ensure this comes after the gcc and icc options.
pgcc)
# Portland's C compiler understands '-MD'.
# Will always output deps to 'file.d' where file is the root name of the
# source file under compilation, even if file resides in a subdirectory.
# The object file name does not affect the name of the '.d' file.
# pgcc 10.2 will output
# foo.o: sub/foo.c sub/foo.h
# and will wrap long lines using '\' :
# foo.o: sub/foo.c ... \
# sub/foo.h ... \
# ...
set_dir_from "$object"
# Use the source, not the object, to determine the base name, since
# that's sadly what pgcc will do too.
set_base_from "$source"
tmpdepfile=$base.d
# For projects that build the same source file twice into different object
# files, the pgcc approach of using the *source* file root name can cause
# problems in parallel builds. Use a locking strategy to avoid stomping on
# the same $tmpdepfile.
lockdir=$base.d-lock
trap "
echo '$0: caught signal, cleaning up...' >&2
rmdir '$lockdir'
exit 1
" 1 2 13 15
numtries=100
i=$numtries
while test $i -gt 0; do
# mkdir is a portable test-and-set.
if mkdir "$lockdir" 2>/dev/null; then
# This process acquired the lock.
"$@" -MD
stat=$?
# Release the lock.
rmdir "$lockdir"
break
else
# If the lock is being held by a different process, wait
# until the winning process is done or we timeout.
while test -d "$lockdir" && test $i -gt 0; do
sleep 1
i=`expr $i - 1`
done
fi
i=`expr $i - 1`
done
trap - 1 2 13 15
if test $i -le 0; then
echo "$0: failed to acquire lock after $numtries attempts" >&2
echo "$0: check lockdir '$lockdir'" >&2
exit 1
fi
if test $stat -ne 0; then
rm -f "$tmpdepfile"
exit $stat
fi
rm -f "$depfile"
# Each line is of the form `foo.o: dependent.h',
# or `foo.o: dep1.h dep2.h \', or ` dep3.h dep4.h \'.
# Do two passes, one to just change these to
# `$object: dependent.h' and one to simply `dependent.h:'.
sed "s,^[^:]*:,$object :," < "$tmpdepfile" > "$depfile"
# Some versions of the HPUX 10.20 sed can't process this invocation
# correctly. Breaking it into two sed invocations is a workaround.
sed 's,^[^:]*: \(.*\)$,\1,;s/^\\$//;/^$/d;/:$/d' < "$tmpdepfile" \
| sed -e 's/$/ :/' >> "$depfile"
rm -f "$tmpdepfile"
;;
hp2)
# The "hp" stanza above does not work with aCC (C++) and HP's ia64
# compilers, which have integrated preprocessors. The correct option
# to use with these is +Maked; it writes dependencies to a file named
# 'foo.d', which lands next to the object file, wherever that
# happens to be.
# Much of this is similar to the tru64 case; see comments there.
set_dir_from "$object"
set_base_from "$object"
if test "$libtool" = yes; then
tmpdepfile1=$dir$base.d
tmpdepfile2=$dir.libs/$base.d
"$@" -Wc,+Maked
else
tmpdepfile1=$dir$base.d
tmpdepfile2=$dir$base.d
"$@" +Maked
fi
stat=$?
if test $stat -ne 0; then
rm -f "$tmpdepfile1" "$tmpdepfile2"
exit $stat
fi
for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2"
do
test -f "$tmpdepfile" && break
done
if test -f "$tmpdepfile"; then
sed -e "s,^.*\.[$lower]*:,$object:," "$tmpdepfile" > "$depfile"
# Add 'dependent.h:' lines.
sed -ne '2,${
s/^ *//
s/ \\*$//
s/$/:/
p
}' "$tmpdepfile" >> "$depfile"
else
make_dummy_depfile
fi
rm -f "$tmpdepfile" "$tmpdepfile2"
;;
tru64)
# The Tru64 compiler uses -MD to generate dependencies as a side
# effect. 'cc -MD -o foo.o ...' puts the dependencies into 'foo.o.d'.
# At least on Alpha/Redhat 6.1, Compaq CCC V6.2-504 seems to put
# dependencies in 'foo.d' instead, so we check for that too.
# Subdirectories are respected.
set_dir_from "$object"
set_base_from "$object"
if test "$libtool" = yes; then
# Libtool generates 2 separate objects for the 2 libraries. These
# two compilations output dependencies in $dir.libs/$base.o.d and
# in $dir$base.o.d. We have to check for both files, because
# one of the two compilations can be disabled. We should prefer
# $dir$base.o.d over $dir.libs/$base.o.d because the latter is
# automatically cleaned when .libs/ is deleted, while ignoring
# the former would cause a distcleancheck panic.
tmpdepfile1=$dir$base.o.d # libtool 1.5
tmpdepfile2=$dir.libs/$base.o.d # Likewise.
tmpdepfile3=$dir.libs/$base.d # Compaq CCC V6.2-504
"$@" -Wc,-MD
else
tmpdepfile1=$dir$base.d
tmpdepfile2=$dir$base.d
tmpdepfile3=$dir$base.d
"$@" -MD
fi
stat=$?
if test $stat -ne 0; then
rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
exit $stat
fi
for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
do
test -f "$tmpdepfile" && break
done
# Same post-processing that is required for AIX mode.
aix_post_process_depfile
;;
msvc7)
if test "$libtool" = yes; then
showIncludes=-Wc,-showIncludes
else
showIncludes=-showIncludes
fi
"$@" $showIncludes > "$tmpdepfile"
stat=$?
grep -v '^Note: including file: ' "$tmpdepfile"
if test $stat -ne 0; then
rm -f "$tmpdepfile"
exit $stat
fi
rm -f "$depfile"
echo "$object : \\" > "$depfile"
# The first sed program below extracts the file names and escapes
# backslashes for cygpath. The second sed program outputs the file
# name when reading, but also accumulates all include files in the
# hold buffer in order to output them again at the end. This only
# works with sed implementations that can handle large buffers.
sed < "$tmpdepfile" -n '
/^Note: including file: *\(.*\)/ {
s//\1/
s/\\/\\\\/g
p
}' | $cygpath_u | sort -u | sed -n '
s/ /\\ /g
s/\(.*\)/'"$tab"'\1 \\/p
s/.\(.*\) \\/\1:/
H
$ {
s/.*/'"$tab"'/
G
p
}' >> "$depfile"
echo >> "$depfile" # make sure the fragment doesn't end with a backslash
rm -f "$tmpdepfile"
;;
msvc7msys)
# This case exists only to let depend.m4 do its work. It works by
# looking at the text of this script. This case will never be run,
# since it is checked for above.
exit 1
;;
#nosideeffect)
# This comment above is used by automake to tell side-effect
# dependency tracking mechanisms from slower ones.
dashmstdout)
# Important note: in order to support this mode, a compiler *must*
# always write the preprocessed file to stdout, regardless of -o.
"$@" || exit $?
# Remove the call to Libtool.
if test "$libtool" = yes; then
while test "X$1" != 'X--mode=compile'; do
shift
done
shift
fi
# Remove '-o $object'.
IFS=" "
for arg
do
case $arg in
-o)
shift
;;
$object)
shift
;;
*)
set fnord "$@" "$arg"
shift # fnord
shift # $arg
;;
esac
done
test -z "$dashmflag" && dashmflag=-M
# Require at least two characters before searching for ':'
# in the target name. This is to cope with DOS-style filenames:
# a dependency such as 'c:/foo/bar' could be seen as target 'c' otherwise.
"$@" $dashmflag |
sed "s|^[$tab ]*[^:$tab ][^:][^:]*:[$tab ]*|$object: |" > "$tmpdepfile"
rm -f "$depfile"
cat < "$tmpdepfile" > "$depfile"
# Some versions of the HPUX 10.20 sed can't process this sed invocation
# correctly. Breaking it into two sed invocations is a workaround.
tr ' ' "$nl" < "$tmpdepfile" \
| sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \
| sed -e 's/$/ :/' >> "$depfile"
rm -f "$tmpdepfile"
;;
dashXmstdout)
# This case only exists to satisfy depend.m4. It is never actually
# run, as this mode is specially recognized in the preamble.
exit 1
;;
makedepend)
"$@" || exit $?
# Remove any Libtool call
if test "$libtool" = yes; then
while test "X$1" != 'X--mode=compile'; do
shift
done
shift
fi
# X makedepend
shift
cleared=no eat=no
for arg
do
case $cleared in
no)
set ""; shift
cleared=yes ;;
esac
if test $eat = yes; then
eat=no
continue
fi
case "$arg" in
-D*|-I*)
set fnord "$@" "$arg"; shift ;;
# Strip any option that makedepend may not understand. Remove
# the object too, otherwise makedepend will parse it as a source file.
-arch)
eat=yes ;;
-*|$object)
;;
*)
set fnord "$@" "$arg"; shift ;;
esac
done
obj_suffix=`echo "$object" | sed 's/^.*\././'`
touch "$tmpdepfile"
${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@"
rm -f "$depfile"
# makedepend may prepend the VPATH from the source file name to the object.
# No need to regex-escape $object, excess matching of '.' is harmless.
sed "s|^.*\($object *:\)|\1|" "$tmpdepfile" > "$depfile"
# Some versions of the HPUX 10.20 sed can't process the last invocation
# correctly. Breaking it into two sed invocations is a workaround.
sed '1,2d' "$tmpdepfile" \
| tr ' ' "$nl" \
| sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \
| sed -e 's/$/ :/' >> "$depfile"
rm -f "$tmpdepfile" "$tmpdepfile".bak
;;
cpp)
# Important note: in order to support this mode, a compiler *must*
# always write the preprocessed file to stdout.
"$@" || exit $?
# Remove the call to Libtool.
if test "$libtool" = yes; then
while test "X$1" != 'X--mode=compile'; do
shift
done
shift
fi
# Remove '-o $object'.
IFS=" "
for arg
do
case $arg in
-o)
shift
;;
$object)
shift
;;
*)
set fnord "$@" "$arg"
shift # fnord
shift # $arg
;;
esac
done
"$@" -E \
| sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \
-e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \
| sed '$ s: \\$::' > "$tmpdepfile"
rm -f "$depfile"
echo "$object : \\" > "$depfile"
cat < "$tmpdepfile" >> "$depfile"
sed < "$tmpdepfile" '/^$/d;s/^ //;s/ \\$//;s/$/ :/' >> "$depfile"
rm -f "$tmpdepfile"
;;
msvisualcpp)
# Important note: in order to support this mode, a compiler *must*
# always write the preprocessed file to stdout.
"$@" || exit $?
# Remove the call to Libtool.
if test "$libtool" = yes; then
while test "X$1" != 'X--mode=compile'; do
shift
done
shift
fi
IFS=" "
for arg
do
case "$arg" in
-o)
shift
;;
$object)
shift
;;
"-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI")
set fnord "$@"
shift
shift
;;
*)
set fnord "$@" "$arg"
shift
shift
;;
esac
done
"$@" -E 2>/dev/null |
sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::\1:p' | $cygpath_u | sort -u > "$tmpdepfile"
rm -f "$depfile"
echo "$object : \\" > "$depfile"
sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::'"$tab"'\1 \\:p' >> "$depfile"
echo "$tab" >> "$depfile"
sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::\1\::p' >> "$depfile"
rm -f "$tmpdepfile"
;;
msvcmsys)
# This case exists only to let depend.m4 do its work. It works by
# looking at the text of this script. This case will never be run,
# since it is checked for above.
exit 1
;;
none)
exec "$@"
;;
*)
echo "Unknown depmode $depmode" 1>&2
exit 1
;;
esac
exit 0
# Local Variables:
# mode: shell-script
# sh-indentation: 2
# eval: (add-hook 'before-save-hook 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC0"
# time-stamp-end: "; # UTC"
# End:

541
install-sh Executable file
View file

@ -0,0 +1,541 @@
#!/bin/sh
# install - install a program, script, or datafile
scriptversion=2020-11-14.01; # UTC
# This originates from X11R5 (mit/util/scripts/install.sh), which was
# later released in X11R6 (xc/config/util/install.sh) with the
# following copyright and license.
#
# Copyright (C) 1994 X Consortium
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
# AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC-
# TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
# Except as contained in this notice, the name of the X Consortium shall not
# be used in advertising or otherwise to promote the sale, use or other deal-
# ings in this Software without prior written authorization from the X Consor-
# tium.
#
#
# FSF changes to this file are in the public domain.
#
# Calling this script install-sh is preferred over install.sh, to prevent
# 'make' implicit rules from creating a file called install from it
# when there is no Makefile.
#
# This script is compatible with the BSD install script, but was written
# from scratch.
tab=' '
nl='
'
IFS=" $tab$nl"
# Set DOITPROG to "echo" to test this script.
doit=${DOITPROG-}
doit_exec=${doit:-exec}
# Put in absolute file names if you don't have them in your path;
# or use environment vars.
chgrpprog=${CHGRPPROG-chgrp}
chmodprog=${CHMODPROG-chmod}
chownprog=${CHOWNPROG-chown}
cmpprog=${CMPPROG-cmp}
cpprog=${CPPROG-cp}
mkdirprog=${MKDIRPROG-mkdir}
mvprog=${MVPROG-mv}
rmprog=${RMPROG-rm}
stripprog=${STRIPPROG-strip}
posix_mkdir=
# Desired mode of installed file.
mode=0755
# Create dirs (including intermediate dirs) using mode 755.
# This is like GNU 'install' as of coreutils 8.32 (2020).
mkdir_umask=22
backupsuffix=
chgrpcmd=
chmodcmd=$chmodprog
chowncmd=
mvcmd=$mvprog
rmcmd="$rmprog -f"
stripcmd=
src=
dst=
dir_arg=
dst_arg=
copy_on_change=false
is_target_a_directory=possibly
usage="\
Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE
or: $0 [OPTION]... SRCFILES... DIRECTORY
or: $0 [OPTION]... -t DIRECTORY SRCFILES...
or: $0 [OPTION]... -d DIRECTORIES...
In the 1st form, copy SRCFILE to DSTFILE.
In the 2nd and 3rd, copy all SRCFILES to DIRECTORY.
In the 4th, create DIRECTORIES.
Options:
--help display this help and exit.
--version display version info and exit.
-c (ignored)
-C install only if different (preserve data modification time)
-d create directories instead of installing files.
-g GROUP $chgrpprog installed files to GROUP.
-m MODE $chmodprog installed files to MODE.
-o USER $chownprog installed files to USER.
-p pass -p to $cpprog.
-s $stripprog installed files.
-S SUFFIX attempt to back up existing files, with suffix SUFFIX.
-t DIRECTORY install into DIRECTORY.
-T report an error if DSTFILE is a directory.
Environment variables override the default commands:
CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG
RMPROG STRIPPROG
By default, rm is invoked with -f; when overridden with RMPROG,
it's up to you to specify -f if you want it.
If -S is not specified, no backups are attempted.
Email bug reports to bug-automake@gnu.org.
Automake home page: https://www.gnu.org/software/automake/
"
while test $# -ne 0; do
case $1 in
-c) ;;
-C) copy_on_change=true;;
-d) dir_arg=true;;
-g) chgrpcmd="$chgrpprog $2"
shift;;
--help) echo "$usage"; exit $?;;
-m) mode=$2
case $mode in
*' '* | *"$tab"* | *"$nl"* | *'*'* | *'?'* | *'['*)
echo "$0: invalid mode: $mode" >&2
exit 1;;
esac
shift;;
-o) chowncmd="$chownprog $2"
shift;;
-p) cpprog="$cpprog -p";;
-s) stripcmd=$stripprog;;
-S) backupsuffix="$2"
shift;;
-t)
is_target_a_directory=always
dst_arg=$2
# Protect names problematic for 'test' and other utilities.
case $dst_arg in
-* | [=\(\)!]) dst_arg=./$dst_arg;;
esac
shift;;
-T) is_target_a_directory=never;;
--version) echo "$0 $scriptversion"; exit $?;;
--) shift
break;;
-*) echo "$0: invalid option: $1" >&2
exit 1;;
*) break;;
esac
shift
done
# We allow the use of options -d and -T together, by making -d
# take the precedence; this is for compatibility with GNU install.
if test -n "$dir_arg"; then
if test -n "$dst_arg"; then
echo "$0: target directory not allowed when installing a directory." >&2
exit 1
fi
fi
if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then
# When -d is used, all remaining arguments are directories to create.
# When -t is used, the destination is already specified.
# Otherwise, the last argument is the destination. Remove it from $@.
for arg
do
if test -n "$dst_arg"; then
# $@ is not empty: it contains at least $arg.
set fnord "$@" "$dst_arg"
shift # fnord
fi
shift # arg
dst_arg=$arg
# Protect names problematic for 'test' and other utilities.
case $dst_arg in
-* | [=\(\)!]) dst_arg=./$dst_arg;;
esac
done
fi
if test $# -eq 0; then
if test -z "$dir_arg"; then
echo "$0: no input file specified." >&2
exit 1
fi
# It's OK to call 'install-sh -d' without argument.
# This can happen when creating conditional directories.
exit 0
fi
if test -z "$dir_arg"; then
if test $# -gt 1 || test "$is_target_a_directory" = always; then
if test ! -d "$dst_arg"; then
echo "$0: $dst_arg: Is not a directory." >&2
exit 1
fi
fi
fi
if test -z "$dir_arg"; then
do_exit='(exit $ret); exit $ret'
trap "ret=129; $do_exit" 1
trap "ret=130; $do_exit" 2
trap "ret=141; $do_exit" 13
trap "ret=143; $do_exit" 15
# Set umask so as not to create temps with too-generous modes.
# However, 'strip' requires both read and write access to temps.
case $mode in
# Optimize common cases.
*644) cp_umask=133;;
*755) cp_umask=22;;
*[0-7])
if test -z "$stripcmd"; then
u_plus_rw=
else
u_plus_rw='% 200'
fi
cp_umask=`expr '(' 777 - $mode % 1000 ')' $u_plus_rw`;;
*)
if test -z "$stripcmd"; then
u_plus_rw=
else
u_plus_rw=,u+rw
fi
cp_umask=$mode$u_plus_rw;;
esac
fi
for src
do
# Protect names problematic for 'test' and other utilities.
case $src in
-* | [=\(\)!]) src=./$src;;
esac
if test -n "$dir_arg"; then
dst=$src
dstdir=$dst
test -d "$dstdir"
dstdir_status=$?
# Don't chown directories that already exist.
if test $dstdir_status = 0; then
chowncmd=""
fi
else
# Waiting for this to be detected by the "$cpprog $src $dsttmp" command
# might cause directories to be created, which would be especially bad
# if $src (and thus $dsttmp) contains '*'.
if test ! -f "$src" && test ! -d "$src"; then
echo "$0: $src does not exist." >&2
exit 1
fi
if test -z "$dst_arg"; then
echo "$0: no destination specified." >&2
exit 1
fi
dst=$dst_arg
# If destination is a directory, append the input filename.
if test -d "$dst"; then
if test "$is_target_a_directory" = never; then
echo "$0: $dst_arg: Is a directory" >&2
exit 1
fi
dstdir=$dst
dstbase=`basename "$src"`
case $dst in
*/) dst=$dst$dstbase;;
*) dst=$dst/$dstbase;;
esac
dstdir_status=0
else
dstdir=`dirname "$dst"`
test -d "$dstdir"
dstdir_status=$?
fi
fi
case $dstdir in
*/) dstdirslash=$dstdir;;
*) dstdirslash=$dstdir/;;
esac
obsolete_mkdir_used=false
if test $dstdir_status != 0; then
case $posix_mkdir in
'')
# With -d, create the new directory with the user-specified mode.
# Otherwise, rely on $mkdir_umask.
if test -n "$dir_arg"; then
mkdir_mode=-m$mode
else
mkdir_mode=
fi
posix_mkdir=false
# The $RANDOM variable is not portable (e.g., dash). Use it
# here however when possible just to lower collision chance.
tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$
trap '
ret=$?
rmdir "$tmpdir/a/b" "$tmpdir/a" "$tmpdir" 2>/dev/null
exit $ret
' 0
# Because "mkdir -p" follows existing symlinks and we likely work
# directly in world-writeable /tmp, make sure that the '$tmpdir'
# directory is successfully created first before we actually test
# 'mkdir -p'.
if (umask $mkdir_umask &&
$mkdirprog $mkdir_mode "$tmpdir" &&
exec $mkdirprog $mkdir_mode -p -- "$tmpdir/a/b") >/dev/null 2>&1
then
if test -z "$dir_arg" || {
# Check for POSIX incompatibilities with -m.
# HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or
# other-writable bit of parent directory when it shouldn't.
# FreeBSD 6.1 mkdir -m -p sets mode of existing directory.
test_tmpdir="$tmpdir/a"
ls_ld_tmpdir=`ls -ld "$test_tmpdir"`
case $ls_ld_tmpdir in
d????-?r-*) different_mode=700;;
d????-?--*) different_mode=755;;
*) false;;
esac &&
$mkdirprog -m$different_mode -p -- "$test_tmpdir" && {
ls_ld_tmpdir_1=`ls -ld "$test_tmpdir"`
test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1"
}
}
then posix_mkdir=:
fi
rmdir "$tmpdir/a/b" "$tmpdir/a" "$tmpdir"
else
# Remove any dirs left behind by ancient mkdir implementations.
rmdir ./$mkdir_mode ./-p ./-- "$tmpdir" 2>/dev/null
fi
trap '' 0;;
esac
if
$posix_mkdir && (
umask $mkdir_umask &&
$doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir"
)
then :
else
# mkdir does not conform to POSIX,
# or it failed possibly due to a race condition. Create the
# directory the slow way, step by step, checking for races as we go.
case $dstdir in
/*) prefix='/';;
[-=\(\)!]*) prefix='./';;
*) prefix='';;
esac
oIFS=$IFS
IFS=/
set -f
set fnord $dstdir
shift
set +f
IFS=$oIFS
prefixes=
for d
do
test X"$d" = X && continue
prefix=$prefix$d
if test -d "$prefix"; then
prefixes=
else
if $posix_mkdir; then
(umask $mkdir_umask &&
$doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break
# Don't fail if two instances are running concurrently.
test -d "$prefix" || exit 1
else
case $prefix in
*\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;;
*) qprefix=$prefix;;
esac
prefixes="$prefixes '$qprefix'"
fi
fi
prefix=$prefix/
done
if test -n "$prefixes"; then
# Don't fail if two instances are running concurrently.
(umask $mkdir_umask &&
eval "\$doit_exec \$mkdirprog $prefixes") ||
test -d "$dstdir" || exit 1
obsolete_mkdir_used=true
fi
fi
fi
if test -n "$dir_arg"; then
{ test -z "$chowncmd" || $doit $chowncmd "$dst"; } &&
{ test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } &&
{ test "$obsolete_mkdir_used$chowncmd$chgrpcmd" = false ||
test -z "$chmodcmd" || $doit $chmodcmd $mode "$dst"; } || exit 1
else
# Make a couple of temp file names in the proper directory.
dsttmp=${dstdirslash}_inst.$$_
rmtmp=${dstdirslash}_rm.$$_
# Trap to clean up those temp files at exit.
trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0
# Copy the file name to the temp name.
(umask $cp_umask &&
{ test -z "$stripcmd" || {
# Create $dsttmp read-write so that cp doesn't create it read-only,
# which would cause strip to fail.
if test -z "$doit"; then
: >"$dsttmp" # No need to fork-exec 'touch'.
else
$doit touch "$dsttmp"
fi
}
} &&
$doit_exec $cpprog "$src" "$dsttmp") &&
# and set any options; do chmod last to preserve setuid bits.
#
# If any of these fail, we abort the whole thing. If we want to
# ignore errors from any of these, just make sure not to ignore
# errors from the above "$doit $cpprog $src $dsttmp" command.
#
{ test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } &&
{ test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } &&
{ test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } &&
{ test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } &&
# If -C, don't bother to copy if it wouldn't change the file.
if $copy_on_change &&
old=`LC_ALL=C ls -dlL "$dst" 2>/dev/null` &&
new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` &&
set -f &&
set X $old && old=:$2:$4:$5:$6 &&
set X $new && new=:$2:$4:$5:$6 &&
set +f &&
test "$old" = "$new" &&
$cmpprog "$dst" "$dsttmp" >/dev/null 2>&1
then
rm -f "$dsttmp"
else
# If $backupsuffix is set, and the file being installed
# already exists, attempt a backup. Don't worry if it fails,
# e.g., if mv doesn't support -f.
if test -n "$backupsuffix" && test -f "$dst"; then
$doit $mvcmd -f "$dst" "$dst$backupsuffix" 2>/dev/null
fi
# Rename the file to the real destination.
$doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null ||
# The rename failed, perhaps because mv can't rename something else
# to itself, or perhaps because mv is so ancient that it does not
# support -f.
{
# Now remove or move aside any old file at destination location.
# We try this two ways since rm can't unlink itself on some
# systems and the destination file might be busy for other
# reasons. In this case, the final cleanup might fail but the new
# file should still install successfully.
{
test ! -f "$dst" ||
$doit $rmcmd "$dst" 2>/dev/null ||
{ $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null &&
{ $doit $rmcmd "$rmtmp" 2>/dev/null; :; }
} ||
{ echo "$0: cannot unlink or rename $dst" >&2
(exit 1); exit 1
}
} &&
# Now rename the file to the real destination.
$doit $mvcmd "$dsttmp" "$dst"
}
fi || exit 1
trap '' 0
fi
done
# Local variables:
# eval: (add-hook 'before-save-hook 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC0"
# time-stamp-end: "; # UTC"
# End:

11429
ltmain.sh Normal file
View file

File diff suppressed because it is too large Load diff

50
m4/ax_append_flag.m4 Normal file
View file

@ -0,0 +1,50 @@
# ===========================================================================
# https://www.gnu.org/software/autoconf-archive/ax_append_flag.html
# ===========================================================================
#
# SYNOPSIS
#
# AX_APPEND_FLAG(FLAG, [FLAGS-VARIABLE])
#
# DESCRIPTION
#
# FLAG is appended to the FLAGS-VARIABLE shell variable, with a space
# added in between.
#
# If FLAGS-VARIABLE is not specified, the current language's flags (e.g.
# CFLAGS) is used. FLAGS-VARIABLE is not changed if it already contains
# FLAG. If FLAGS-VARIABLE is unset in the shell, it is set to exactly
# FLAG.
#
# NOTE: Implementation based on AX_CFLAGS_GCC_OPTION.
#
# LICENSE
#
# Copyright (c) 2008 Guido U. Draheim <guidod@gmx.de>
# Copyright (c) 2011 Maarten Bosmans <mkbosmans@gmail.com>
#
# Copying and distribution of this file, with or without modification, are
# permitted in any medium without royalty provided the copyright notice
# and this notice are preserved. This file is offered as-is, without any
# warranty.
#serial 8
AC_DEFUN([AX_APPEND_FLAG],
[dnl
AC_PREREQ(2.64)dnl for _AC_LANG_PREFIX and AS_VAR_SET_IF
AS_VAR_PUSHDEF([FLAGS], [m4_default($2,_AC_LANG_PREFIX[FLAGS])])
AS_VAR_SET_IF(FLAGS,[
AS_CASE([" AS_VAR_GET(FLAGS) "],
[*" $1 "*], [AC_RUN_LOG([: FLAGS already contains $1])],
[
AS_VAR_APPEND(FLAGS,[" $1"])
AC_RUN_LOG([: FLAGS="$FLAGS"])
])
],
[
AS_VAR_SET(FLAGS,[$1])
AC_RUN_LOG([: FLAGS="$FLAGS"])
])
AS_VAR_POPDEF([FLAGS])dnl
])dnl AX_APPEND_FLAG

122
m4/ax_cflags_warn_all.m4 Normal file
View file

@ -0,0 +1,122 @@
# ===========================================================================
# https://www.gnu.org/software/autoconf-archive/ax_cflags_warn_all.html
# ===========================================================================
#
# SYNOPSIS
#
# AX_CFLAGS_WARN_ALL [(shellvar [,default, [A/NA]])]
# AX_CXXFLAGS_WARN_ALL [(shellvar [,default, [A/NA]])]
# AX_FCFLAGS_WARN_ALL [(shellvar [,default, [A/NA]])]
#
# DESCRIPTION
#
# Try to find a compiler option that enables most reasonable warnings.
#
# For the GNU compiler it will be -Wall (and -ansi -pedantic) The result
# is added to the shellvar being CFLAGS, CXXFLAGS, or FCFLAGS by default.
#
# Currently this macro knows about the GCC, Solaris, Digital Unix, AIX,
# HP-UX, IRIX, NEC SX-5 (Super-UX 10), Cray J90 (Unicos 10.0.0.8), and
# Intel compilers. For a given compiler, the Fortran flags are much more
# experimental than their C equivalents.
#
# - $1 shell-variable-to-add-to : CFLAGS, CXXFLAGS, or FCFLAGS
# - $2 add-value-if-not-found : nothing
# - $3 action-if-found : add value to shellvariable
# - $4 action-if-not-found : nothing
#
# NOTE: These macros depend on AX_APPEND_FLAG.
#
# LICENSE
#
# Copyright (c) 2008 Guido U. Draheim <guidod@gmx.de>
# Copyright (c) 2010 Rhys Ulerich <rhys.ulerich@gmail.com>
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation; either version 3 of the License, or (at your
# option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
# Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program. If not, see <https://www.gnu.org/licenses/>.
#
# As a special exception, the respective Autoconf Macro's copyright owner
# gives unlimited permission to copy, distribute and modify the configure
# scripts that are the output of Autoconf when processing the Macro. You
# need not follow the terms of the GNU General Public License when using
# or distributing such scripts, even though portions of the text of the
# Macro appear in them. The GNU General Public License (GPL) does govern
# all other use of the material that constitutes the Autoconf Macro.
#
# This special exception to the GPL applies to versions of the Autoconf
# Macro released by the Autoconf Archive. When you make and distribute a
# modified version of the Autoconf Macro, you may extend this special
# exception to the GPL to apply to your modified version as well.
#serial 16
AC_DEFUN([AX_FLAGS_WARN_ALL],[dnl
AS_VAR_PUSHDEF([FLAGS],[_AC_LANG_PREFIX[]FLAGS])dnl
AS_VAR_PUSHDEF([VAR],[ac_cv_[]_AC_LANG_ABBREV[]flags_warn_all])dnl
AC_CACHE_CHECK([m4_ifval($1,$1,FLAGS) for maximum warnings],
VAR,[VAR="no, unknown"
ac_save_[]FLAGS="$[]FLAGS"
for ac_arg dnl
in "-warn all % -warn all" dnl Intel
"-pedantic % -Wall" dnl GCC
"-xstrconst % -v" dnl Solaris C
"-std1 % -verbose -w0 -warnprotos" dnl Digital Unix
"-qlanglvl=ansi % -qsrcmsg -qinfo=all:noppt:noppc:noobs:nocnd" dnl AIX
"-ansi -ansiE % -fullwarn" dnl IRIX
"+ESlit % +w1" dnl HP-UX C
"-Xc % -pvctl[,]fullmsg" dnl NEC SX-5 (Super-UX 10)
"-h conform % -h msglevel 2" dnl Cray C (Unicos)
#
do FLAGS="$ac_save_[]FLAGS "`echo $ac_arg | sed -e 's,%%.*,,' -e 's,%,,'`
AC_COMPILE_IFELSE([AC_LANG_PROGRAM],
[VAR=`echo $ac_arg | sed -e 's,.*% *,,'` ; break])
done
FLAGS="$ac_save_[]FLAGS"
])
AS_VAR_POPDEF([FLAGS])dnl
AX_REQUIRE_DEFINED([AX_APPEND_FLAG])
case ".$VAR" in
.ok|.ok,*) m4_ifvaln($3,$3) ;;
.|.no|.no,*) m4_default($4,[m4_ifval($2,[AX_APPEND_FLAG([$2], [$1])])]) ;;
*) m4_default($3,[AX_APPEND_FLAG([$VAR], [$1])]) ;;
esac
AS_VAR_POPDEF([VAR])dnl
])dnl AX_FLAGS_WARN_ALL
dnl implementation tactics:
dnl the for-argument contains a list of options. The first part of
dnl these does only exist to detect the compiler - usually it is
dnl a global option to enable -ansi or -extrawarnings. All other
dnl compilers will fail about it. That was needed since a lot of
dnl compilers will give false positives for some option-syntax
dnl like -Woption or -Xoption as they think of it is a pass-through
dnl to later compile stages or something. The "%" is used as a
dnl delimiter. A non-option comment can be given after "%%" marks
dnl which will be shown but not added to the respective C/CXXFLAGS.
AC_DEFUN([AX_CFLAGS_WARN_ALL],[dnl
AC_LANG_PUSH([C])
AX_FLAGS_WARN_ALL([$1], [$2], [$3], [$4])
AC_LANG_POP([C])
])
AC_DEFUN([AX_CXXFLAGS_WARN_ALL],[dnl
AC_LANG_PUSH([C++])
AX_FLAGS_WARN_ALL([$1], [$2], [$3], [$4])
AC_LANG_POP([C++])
])
AC_DEFUN([AX_FCFLAGS_WARN_ALL],[dnl
AC_LANG_PUSH([Fortran])
AX_FLAGS_WARN_ALL([$1], [$2], [$3], [$4])
AC_LANG_POP([Fortran])
])

37
m4/ax_require_defined.m4 Normal file
View file

@ -0,0 +1,37 @@
# ===========================================================================
# https://www.gnu.org/software/autoconf-archive/ax_require_defined.html
# ===========================================================================
#
# SYNOPSIS
#
# AX_REQUIRE_DEFINED(MACRO)
#
# DESCRIPTION
#
# AX_REQUIRE_DEFINED is a simple helper for making sure other macros have
# been defined and thus are available for use. This avoids random issues
# where a macro isn't expanded. Instead the configure script emits a
# non-fatal:
#
# ./configure: line 1673: AX_CFLAGS_WARN_ALL: command not found
#
# It's like AC_REQUIRE except it doesn't expand the required macro.
#
# Here's an example:
#
# AX_REQUIRE_DEFINED([AX_CHECK_LINK_FLAG])
#
# LICENSE
#
# Copyright (c) 2014 Mike Frysinger <vapier@gentoo.org>
#
# Copying and distribution of this file, with or without modification, are
# permitted in any medium without royalty provided the copyright notice
# and this notice are preserved. This file is offered as-is, without any
# warranty.
#serial 2
AC_DEFUN([AX_REQUIRE_DEFINED], [dnl
m4_ifndef([$1], [m4_fatal([macro ]$1[ is not defined; is a m4 file missing?])])
])dnl AX_REQUIRE_DEFINED

8403
m4/libtool.m4 vendored Normal file
View file

File diff suppressed because it is too large Load diff

437
m4/ltoptions.m4 vendored Normal file
View file

@ -0,0 +1,437 @@
# Helper functions for option handling. -*- Autoconf -*-
#
# Copyright (C) 2004-2005, 2007-2009, 2011-2019, 2021-2022 Free
# Software Foundation, Inc.
# Written by Gary V. Vaughan, 2004
#
# This file is free software; the Free Software Foundation gives
# unlimited permission to copy and/or distribute it, with or without
# modifications, as long as this notice is preserved.
# serial 8 ltoptions.m4
# This is to help aclocal find these macros, as it can't see m4_define.
AC_DEFUN([LTOPTIONS_VERSION], [m4_if([1])])
# _LT_MANGLE_OPTION(MACRO-NAME, OPTION-NAME)
# ------------------------------------------
m4_define([_LT_MANGLE_OPTION],
[[_LT_OPTION_]m4_bpatsubst($1__$2, [[^a-zA-Z0-9_]], [_])])
# _LT_SET_OPTION(MACRO-NAME, OPTION-NAME)
# ---------------------------------------
# Set option OPTION-NAME for macro MACRO-NAME, and if there is a
# matching handler defined, dispatch to it. Other OPTION-NAMEs are
# saved as a flag.
m4_define([_LT_SET_OPTION],
[m4_define(_LT_MANGLE_OPTION([$1], [$2]))dnl
m4_ifdef(_LT_MANGLE_DEFUN([$1], [$2]),
_LT_MANGLE_DEFUN([$1], [$2]),
[m4_warning([Unknown $1 option '$2'])])[]dnl
])
# _LT_IF_OPTION(MACRO-NAME, OPTION-NAME, IF-SET, [IF-NOT-SET])
# ------------------------------------------------------------
# Execute IF-SET if OPTION is set, IF-NOT-SET otherwise.
m4_define([_LT_IF_OPTION],
[m4_ifdef(_LT_MANGLE_OPTION([$1], [$2]), [$3], [$4])])
# _LT_UNLESS_OPTIONS(MACRO-NAME, OPTION-LIST, IF-NOT-SET)
# -------------------------------------------------------
# Execute IF-NOT-SET unless all options in OPTION-LIST for MACRO-NAME
# are set.
m4_define([_LT_UNLESS_OPTIONS],
[m4_foreach([_LT_Option], m4_split(m4_normalize([$2])),
[m4_ifdef(_LT_MANGLE_OPTION([$1], _LT_Option),
[m4_define([$0_found])])])[]dnl
m4_ifdef([$0_found], [m4_undefine([$0_found])], [$3
])[]dnl
])
# _LT_SET_OPTIONS(MACRO-NAME, OPTION-LIST)
# ----------------------------------------
# OPTION-LIST is a space-separated list of Libtool options associated
# with MACRO-NAME. If any OPTION has a matching handler declared with
# LT_OPTION_DEFINE, dispatch to that macro; otherwise complain about
# the unknown option and exit.
m4_defun([_LT_SET_OPTIONS],
[# Set options
m4_foreach([_LT_Option], m4_split(m4_normalize([$2])),
[_LT_SET_OPTION([$1], _LT_Option)])
m4_if([$1],[LT_INIT],[
dnl
dnl Simply set some default values (i.e off) if boolean options were not
dnl specified:
_LT_UNLESS_OPTIONS([LT_INIT], [dlopen], [enable_dlopen=no
])
_LT_UNLESS_OPTIONS([LT_INIT], [win32-dll], [enable_win32_dll=no
])
dnl
dnl If no reference was made to various pairs of opposing options, then
dnl we run the default mode handler for the pair. For example, if neither
dnl 'shared' nor 'disable-shared' was passed, we enable building of shared
dnl archives by default:
_LT_UNLESS_OPTIONS([LT_INIT], [shared disable-shared], [_LT_ENABLE_SHARED])
_LT_UNLESS_OPTIONS([LT_INIT], [static disable-static], [_LT_ENABLE_STATIC])
_LT_UNLESS_OPTIONS([LT_INIT], [pic-only no-pic], [_LT_WITH_PIC])
_LT_UNLESS_OPTIONS([LT_INIT], [fast-install disable-fast-install],
[_LT_ENABLE_FAST_INSTALL])
_LT_UNLESS_OPTIONS([LT_INIT], [aix-soname=aix aix-soname=both aix-soname=svr4],
[_LT_WITH_AIX_SONAME([aix])])
])
])# _LT_SET_OPTIONS
## --------------------------------- ##
## Macros to handle LT_INIT options. ##
## --------------------------------- ##
# _LT_MANGLE_DEFUN(MACRO-NAME, OPTION-NAME)
# -----------------------------------------
m4_define([_LT_MANGLE_DEFUN],
[[_LT_OPTION_DEFUN_]m4_bpatsubst(m4_toupper([$1__$2]), [[^A-Z0-9_]], [_])])
# LT_OPTION_DEFINE(MACRO-NAME, OPTION-NAME, CODE)
# -----------------------------------------------
m4_define([LT_OPTION_DEFINE],
[m4_define(_LT_MANGLE_DEFUN([$1], [$2]), [$3])[]dnl
])# LT_OPTION_DEFINE
# dlopen
# ------
LT_OPTION_DEFINE([LT_INIT], [dlopen], [enable_dlopen=yes
])
AU_DEFUN([AC_LIBTOOL_DLOPEN],
[_LT_SET_OPTION([LT_INIT], [dlopen])
AC_DIAGNOSE([obsolete],
[$0: Remove this warning and the call to _LT_SET_OPTION when you
put the 'dlopen' option into LT_INIT's first parameter.])
])
dnl aclocal-1.4 backwards compatibility:
dnl AC_DEFUN([AC_LIBTOOL_DLOPEN], [])
# win32-dll
# ---------
# Declare package support for building win32 dll's.
LT_OPTION_DEFINE([LT_INIT], [win32-dll],
[enable_win32_dll=yes
case $host in
*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-cegcc*)
AC_CHECK_TOOL(AS, as, false)
AC_CHECK_TOOL(DLLTOOL, dlltool, false)
AC_CHECK_TOOL(OBJDUMP, objdump, false)
;;
esac
test -z "$AS" && AS=as
_LT_DECL([], [AS], [1], [Assembler program])dnl
test -z "$DLLTOOL" && DLLTOOL=dlltool
_LT_DECL([], [DLLTOOL], [1], [DLL creation program])dnl
test -z "$OBJDUMP" && OBJDUMP=objdump
_LT_DECL([], [OBJDUMP], [1], [Object dumper program])dnl
])# win32-dll
AU_DEFUN([AC_LIBTOOL_WIN32_DLL],
[AC_REQUIRE([AC_CANONICAL_HOST])dnl
_LT_SET_OPTION([LT_INIT], [win32-dll])
AC_DIAGNOSE([obsolete],
[$0: Remove this warning and the call to _LT_SET_OPTION when you
put the 'win32-dll' option into LT_INIT's first parameter.])
])
dnl aclocal-1.4 backwards compatibility:
dnl AC_DEFUN([AC_LIBTOOL_WIN32_DLL], [])
# _LT_ENABLE_SHARED([DEFAULT])
# ----------------------------
# implement the --enable-shared flag, and supports the 'shared' and
# 'disable-shared' LT_INIT options.
# DEFAULT is either 'yes' or 'no'. If omitted, it defaults to 'yes'.
m4_define([_LT_ENABLE_SHARED],
[m4_define([_LT_ENABLE_SHARED_DEFAULT], [m4_if($1, no, no, yes)])dnl
AC_ARG_ENABLE([shared],
[AS_HELP_STRING([--enable-shared@<:@=PKGS@:>@],
[build shared libraries @<:@default=]_LT_ENABLE_SHARED_DEFAULT[@:>@])],
[p=${PACKAGE-default}
case $enableval in
yes) enable_shared=yes ;;
no) enable_shared=no ;;
*)
enable_shared=no
# Look at the argument we got. We use all the common list separators.
lt_save_ifs=$IFS; IFS=$IFS$PATH_SEPARATOR,
for pkg in $enableval; do
IFS=$lt_save_ifs
if test "X$pkg" = "X$p"; then
enable_shared=yes
fi
done
IFS=$lt_save_ifs
;;
esac],
[enable_shared=]_LT_ENABLE_SHARED_DEFAULT)
_LT_DECL([build_libtool_libs], [enable_shared], [0],
[Whether or not to build shared libraries])
])# _LT_ENABLE_SHARED
LT_OPTION_DEFINE([LT_INIT], [shared], [_LT_ENABLE_SHARED([yes])])
LT_OPTION_DEFINE([LT_INIT], [disable-shared], [_LT_ENABLE_SHARED([no])])
# Old names:
AC_DEFUN([AC_ENABLE_SHARED],
[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[shared])
])
AC_DEFUN([AC_DISABLE_SHARED],
[_LT_SET_OPTION([LT_INIT], [disable-shared])
])
AU_DEFUN([AM_ENABLE_SHARED], [AC_ENABLE_SHARED($@)])
AU_DEFUN([AM_DISABLE_SHARED], [AC_DISABLE_SHARED($@)])
dnl aclocal-1.4 backwards compatibility:
dnl AC_DEFUN([AM_ENABLE_SHARED], [])
dnl AC_DEFUN([AM_DISABLE_SHARED], [])
# _LT_ENABLE_STATIC([DEFAULT])
# ----------------------------
# implement the --enable-static flag, and support the 'static' and
# 'disable-static' LT_INIT options.
# DEFAULT is either 'yes' or 'no'. If omitted, it defaults to 'yes'.
m4_define([_LT_ENABLE_STATIC],
[m4_define([_LT_ENABLE_STATIC_DEFAULT], [m4_if($1, no, no, yes)])dnl
AC_ARG_ENABLE([static],
[AS_HELP_STRING([--enable-static@<:@=PKGS@:>@],
[build static libraries @<:@default=]_LT_ENABLE_STATIC_DEFAULT[@:>@])],
[p=${PACKAGE-default}
case $enableval in
yes) enable_static=yes ;;
no) enable_static=no ;;
*)
enable_static=no
# Look at the argument we got. We use all the common list separators.
lt_save_ifs=$IFS; IFS=$IFS$PATH_SEPARATOR,
for pkg in $enableval; do
IFS=$lt_save_ifs
if test "X$pkg" = "X$p"; then
enable_static=yes
fi
done
IFS=$lt_save_ifs
;;
esac],
[enable_static=]_LT_ENABLE_STATIC_DEFAULT)
_LT_DECL([build_old_libs], [enable_static], [0],
[Whether or not to build static libraries])
])# _LT_ENABLE_STATIC
LT_OPTION_DEFINE([LT_INIT], [static], [_LT_ENABLE_STATIC([yes])])
LT_OPTION_DEFINE([LT_INIT], [disable-static], [_LT_ENABLE_STATIC([no])])
# Old names:
AC_DEFUN([AC_ENABLE_STATIC],
[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[static])
])
AC_DEFUN([AC_DISABLE_STATIC],
[_LT_SET_OPTION([LT_INIT], [disable-static])
])
AU_DEFUN([AM_ENABLE_STATIC], [AC_ENABLE_STATIC($@)])
AU_DEFUN([AM_DISABLE_STATIC], [AC_DISABLE_STATIC($@)])
dnl aclocal-1.4 backwards compatibility:
dnl AC_DEFUN([AM_ENABLE_STATIC], [])
dnl AC_DEFUN([AM_DISABLE_STATIC], [])
# _LT_ENABLE_FAST_INSTALL([DEFAULT])
# ----------------------------------
# implement the --enable-fast-install flag, and support the 'fast-install'
# and 'disable-fast-install' LT_INIT options.
# DEFAULT is either 'yes' or 'no'. If omitted, it defaults to 'yes'.
m4_define([_LT_ENABLE_FAST_INSTALL],
[m4_define([_LT_ENABLE_FAST_INSTALL_DEFAULT], [m4_if($1, no, no, yes)])dnl
AC_ARG_ENABLE([fast-install],
[AS_HELP_STRING([--enable-fast-install@<:@=PKGS@:>@],
[optimize for fast installation @<:@default=]_LT_ENABLE_FAST_INSTALL_DEFAULT[@:>@])],
[p=${PACKAGE-default}
case $enableval in
yes) enable_fast_install=yes ;;
no) enable_fast_install=no ;;
*)
enable_fast_install=no
# Look at the argument we got. We use all the common list separators.
lt_save_ifs=$IFS; IFS=$IFS$PATH_SEPARATOR,
for pkg in $enableval; do
IFS=$lt_save_ifs
if test "X$pkg" = "X$p"; then
enable_fast_install=yes
fi
done
IFS=$lt_save_ifs
;;
esac],
[enable_fast_install=]_LT_ENABLE_FAST_INSTALL_DEFAULT)
_LT_DECL([fast_install], [enable_fast_install], [0],
[Whether or not to optimize for fast installation])dnl
])# _LT_ENABLE_FAST_INSTALL
LT_OPTION_DEFINE([LT_INIT], [fast-install], [_LT_ENABLE_FAST_INSTALL([yes])])
LT_OPTION_DEFINE([LT_INIT], [disable-fast-install], [_LT_ENABLE_FAST_INSTALL([no])])
# Old names:
AU_DEFUN([AC_ENABLE_FAST_INSTALL],
[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[fast-install])
AC_DIAGNOSE([obsolete],
[$0: Remove this warning and the call to _LT_SET_OPTION when you put
the 'fast-install' option into LT_INIT's first parameter.])
])
AU_DEFUN([AC_DISABLE_FAST_INSTALL],
[_LT_SET_OPTION([LT_INIT], [disable-fast-install])
AC_DIAGNOSE([obsolete],
[$0: Remove this warning and the call to _LT_SET_OPTION when you put
the 'disable-fast-install' option into LT_INIT's first parameter.])
])
dnl aclocal-1.4 backwards compatibility:
dnl AC_DEFUN([AC_ENABLE_FAST_INSTALL], [])
dnl AC_DEFUN([AM_DISABLE_FAST_INSTALL], [])
# _LT_WITH_AIX_SONAME([DEFAULT])
# ----------------------------------
# implement the --with-aix-soname flag, and support the `aix-soname=aix'
# and `aix-soname=both' and `aix-soname=svr4' LT_INIT options. DEFAULT
# is either `aix', `both' or `svr4'. If omitted, it defaults to `aix'.
m4_define([_LT_WITH_AIX_SONAME],
[m4_define([_LT_WITH_AIX_SONAME_DEFAULT], [m4_if($1, svr4, svr4, m4_if($1, both, both, aix))])dnl
shared_archive_member_spec=
case $host,$enable_shared in
power*-*-aix[[5-9]]*,yes)
AC_MSG_CHECKING([which variant of shared library versioning to provide])
AC_ARG_WITH([aix-soname],
[AS_HELP_STRING([--with-aix-soname=aix|svr4|both],
[shared library versioning (aka "SONAME") variant to provide on AIX, @<:@default=]_LT_WITH_AIX_SONAME_DEFAULT[@:>@.])],
[case $withval in
aix|svr4|both)
;;
*)
AC_MSG_ERROR([Unknown argument to --with-aix-soname])
;;
esac
lt_cv_with_aix_soname=$with_aix_soname],
[AC_CACHE_VAL([lt_cv_with_aix_soname],
[lt_cv_with_aix_soname=]_LT_WITH_AIX_SONAME_DEFAULT)
with_aix_soname=$lt_cv_with_aix_soname])
AC_MSG_RESULT([$with_aix_soname])
if test aix != "$with_aix_soname"; then
# For the AIX way of multilib, we name the shared archive member
# based on the bitwidth used, traditionally 'shr.o' or 'shr_64.o',
# and 'shr.imp' or 'shr_64.imp', respectively, for the Import File.
# Even when GNU compilers ignore OBJECT_MODE but need '-maix64' flag,
# the AIX toolchain works better with OBJECT_MODE set (default 32).
if test 64 = "${OBJECT_MODE-32}"; then
shared_archive_member_spec=shr_64
else
shared_archive_member_spec=shr
fi
fi
;;
*)
with_aix_soname=aix
;;
esac
_LT_DECL([], [shared_archive_member_spec], [0],
[Shared archive member basename, for filename based shared library versioning on AIX])dnl
])# _LT_WITH_AIX_SONAME
LT_OPTION_DEFINE([LT_INIT], [aix-soname=aix], [_LT_WITH_AIX_SONAME([aix])])
LT_OPTION_DEFINE([LT_INIT], [aix-soname=both], [_LT_WITH_AIX_SONAME([both])])
LT_OPTION_DEFINE([LT_INIT], [aix-soname=svr4], [_LT_WITH_AIX_SONAME([svr4])])
# _LT_WITH_PIC([MODE])
# --------------------
# implement the --with-pic flag, and support the 'pic-only' and 'no-pic'
# LT_INIT options.
# MODE is either 'yes' or 'no'. If omitted, it defaults to 'both'.
m4_define([_LT_WITH_PIC],
[AC_ARG_WITH([pic],
[AS_HELP_STRING([--with-pic@<:@=PKGS@:>@],
[try to use only PIC/non-PIC objects @<:@default=use both@:>@])],
[lt_p=${PACKAGE-default}
case $withval in
yes|no) pic_mode=$withval ;;
*)
pic_mode=default
# Look at the argument we got. We use all the common list separators.
lt_save_ifs=$IFS; IFS=$IFS$PATH_SEPARATOR,
for lt_pkg in $withval; do
IFS=$lt_save_ifs
if test "X$lt_pkg" = "X$lt_p"; then
pic_mode=yes
fi
done
IFS=$lt_save_ifs
;;
esac],
[pic_mode=m4_default([$1], [default])])
_LT_DECL([], [pic_mode], [0], [What type of objects to build])dnl
])# _LT_WITH_PIC
LT_OPTION_DEFINE([LT_INIT], [pic-only], [_LT_WITH_PIC([yes])])
LT_OPTION_DEFINE([LT_INIT], [no-pic], [_LT_WITH_PIC([no])])
# Old name:
AU_DEFUN([AC_LIBTOOL_PICMODE],
[_LT_SET_OPTION([LT_INIT], [pic-only])
AC_DIAGNOSE([obsolete],
[$0: Remove this warning and the call to _LT_SET_OPTION when you
put the 'pic-only' option into LT_INIT's first parameter.])
])
dnl aclocal-1.4 backwards compatibility:
dnl AC_DEFUN([AC_LIBTOOL_PICMODE], [])
## ----------------- ##
## LTDL_INIT Options ##
## ----------------- ##
m4_define([_LTDL_MODE], [])
LT_OPTION_DEFINE([LTDL_INIT], [nonrecursive],
[m4_define([_LTDL_MODE], [nonrecursive])])
LT_OPTION_DEFINE([LTDL_INIT], [recursive],
[m4_define([_LTDL_MODE], [recursive])])
LT_OPTION_DEFINE([LTDL_INIT], [subproject],
[m4_define([_LTDL_MODE], [subproject])])
m4_define([_LTDL_TYPE], [])
LT_OPTION_DEFINE([LTDL_INIT], [installable],
[m4_define([_LTDL_TYPE], [installable])])
LT_OPTION_DEFINE([LTDL_INIT], [convenience],
[m4_define([_LTDL_TYPE], [convenience])])

124
m4/ltsugar.m4 vendored Normal file
View file

@ -0,0 +1,124 @@
# ltsugar.m4 -- libtool m4 base layer. -*-Autoconf-*-
#
# Copyright (C) 2004-2005, 2007-2008, 2011-2019, 2021-2022 Free Software
# Foundation, Inc.
# Written by Gary V. Vaughan, 2004
#
# This file is free software; the Free Software Foundation gives
# unlimited permission to copy and/or distribute it, with or without
# modifications, as long as this notice is preserved.
# serial 6 ltsugar.m4
# This is to help aclocal find these macros, as it can't see m4_define.
AC_DEFUN([LTSUGAR_VERSION], [m4_if([0.1])])
# lt_join(SEP, ARG1, [ARG2...])
# -----------------------------
# Produce ARG1SEPARG2...SEPARGn, omitting [] arguments and their
# associated separator.
# Needed until we can rely on m4_join from Autoconf 2.62, since all earlier
# versions in m4sugar had bugs.
m4_define([lt_join],
[m4_if([$#], [1], [],
[$#], [2], [[$2]],
[m4_if([$2], [], [], [[$2]_])$0([$1], m4_shift(m4_shift($@)))])])
m4_define([_lt_join],
[m4_if([$#$2], [2], [],
[m4_if([$2], [], [], [[$1$2]])$0([$1], m4_shift(m4_shift($@)))])])
# lt_car(LIST)
# lt_cdr(LIST)
# ------------
# Manipulate m4 lists.
# These macros are necessary as long as will still need to support
# Autoconf-2.59, which quotes differently.
m4_define([lt_car], [[$1]])
m4_define([lt_cdr],
[m4_if([$#], 0, [m4_fatal([$0: cannot be called without arguments])],
[$#], 1, [],
[m4_dquote(m4_shift($@))])])
m4_define([lt_unquote], $1)
# lt_append(MACRO-NAME, STRING, [SEPARATOR])
# ------------------------------------------
# Redefine MACRO-NAME to hold its former content plus 'SEPARATOR''STRING'.
# Note that neither SEPARATOR nor STRING are expanded; they are appended
# to MACRO-NAME as is (leaving the expansion for when MACRO-NAME is invoked).
# No SEPARATOR is output if MACRO-NAME was previously undefined (different
# than defined and empty).
#
# This macro is needed until we can rely on Autoconf 2.62, since earlier
# versions of m4sugar mistakenly expanded SEPARATOR but not STRING.
m4_define([lt_append],
[m4_define([$1],
m4_ifdef([$1], [m4_defn([$1])[$3]])[$2])])
# lt_combine(SEP, PREFIX-LIST, INFIX, SUFFIX1, [SUFFIX2...])
# ----------------------------------------------------------
# Produce a SEP delimited list of all paired combinations of elements of
# PREFIX-LIST with SUFFIX1 through SUFFIXn. Each element of the list
# has the form PREFIXmINFIXSUFFIXn.
# Needed until we can rely on m4_combine added in Autoconf 2.62.
m4_define([lt_combine],
[m4_if(m4_eval([$# > 3]), [1],
[m4_pushdef([_Lt_sep], [m4_define([_Lt_sep], m4_defn([lt_car]))])]]dnl
[[m4_foreach([_Lt_prefix], [$2],
[m4_foreach([_Lt_suffix],
]m4_dquote(m4_dquote(m4_shift(m4_shift(m4_shift($@)))))[,
[_Lt_sep([$1])[]m4_defn([_Lt_prefix])[$3]m4_defn([_Lt_suffix])])])])])
# lt_if_append_uniq(MACRO-NAME, VARNAME, [SEPARATOR], [UNIQ], [NOT-UNIQ])
# -----------------------------------------------------------------------
# Iff MACRO-NAME does not yet contain VARNAME, then append it (delimited
# by SEPARATOR if supplied) and expand UNIQ, else NOT-UNIQ.
m4_define([lt_if_append_uniq],
[m4_ifdef([$1],
[m4_if(m4_index([$3]m4_defn([$1])[$3], [$3$2$3]), [-1],
[lt_append([$1], [$2], [$3])$4],
[$5])],
[lt_append([$1], [$2], [$3])$4])])
# lt_dict_add(DICT, KEY, VALUE)
# -----------------------------
m4_define([lt_dict_add],
[m4_define([$1($2)], [$3])])
# lt_dict_add_subkey(DICT, KEY, SUBKEY, VALUE)
# --------------------------------------------
m4_define([lt_dict_add_subkey],
[m4_define([$1($2:$3)], [$4])])
# lt_dict_fetch(DICT, KEY, [SUBKEY])
# ----------------------------------
m4_define([lt_dict_fetch],
[m4_ifval([$3],
m4_ifdef([$1($2:$3)], [m4_defn([$1($2:$3)])]),
m4_ifdef([$1($2)], [m4_defn([$1($2)])]))])
# lt_if_dict_fetch(DICT, KEY, [SUBKEY], VALUE, IF-TRUE, [IF-FALSE])
# -----------------------------------------------------------------
m4_define([lt_if_dict_fetch],
[m4_if(lt_dict_fetch([$1], [$2], [$3]), [$4],
[$5],
[$6])])
# lt_dict_filter(DICT, [SUBKEY], VALUE, [SEPARATOR], KEY, [...])
# --------------------------------------------------------------
m4_define([lt_dict_filter],
[m4_if([$5], [], [],
[lt_join(m4_quote(m4_default([$4], [[, ]])),
lt_unquote(m4_split(m4_normalize(m4_foreach(_Lt_key, lt_car([m4_shiftn(4, $@)]),
[lt_if_dict_fetch([$1], _Lt_key, [$2], [$3], [_Lt_key ])])))))])[]dnl
])

24
m4/ltversion.m4 vendored Normal file
View file

@ -0,0 +1,24 @@
# ltversion.m4 -- version numbers -*- Autoconf -*-
#
# Copyright (C) 2004, 2011-2019, 2021-2022 Free Software Foundation,
# Inc.
# Written by Scott James Remnant, 2004
#
# This file is free software; the Free Software Foundation gives
# unlimited permission to copy and/or distribute it, with or without
# modifications, as long as this notice is preserved.
# @configure_input@
# serial 4245 ltversion.m4
# This file is part of GNU Libtool
m4_define([LT_PACKAGE_VERSION], [2.4.7])
m4_define([LT_PACKAGE_REVISION], [2.4.7])
AC_DEFUN([LTVERSION_VERSION],
[macro_version='2.4.7'
macro_revision='2.4.7'
_LT_DECL(, macro_version, 0, [Which release of libtool.m4 was used?])
_LT_DECL(, macro_revision, 0)
])

99
m4/lt~obsolete.m4 vendored Normal file
View file

@ -0,0 +1,99 @@
# lt~obsolete.m4 -- aclocal satisfying obsolete definitions. -*-Autoconf-*-
#
# Copyright (C) 2004-2005, 2007, 2009, 2011-2019, 2021-2022 Free
# Software Foundation, Inc.
# Written by Scott James Remnant, 2004.
#
# This file is free software; the Free Software Foundation gives
# unlimited permission to copy and/or distribute it, with or without
# modifications, as long as this notice is preserved.
# serial 5 lt~obsolete.m4
# These exist entirely to fool aclocal when bootstrapping libtool.
#
# In the past libtool.m4 has provided macros via AC_DEFUN (or AU_DEFUN),
# which have later been changed to m4_define as they aren't part of the
# exported API, or moved to Autoconf or Automake where they belong.
#
# The trouble is, aclocal is a bit thick. It'll see the old AC_DEFUN
# in /usr/share/aclocal/libtool.m4 and remember it, then when it sees us
# using a macro with the same name in our local m4/libtool.m4 it'll
# pull the old libtool.m4 in (it doesn't see our shiny new m4_define
# and doesn't know about Autoconf macros at all.)
#
# So we provide this file, which has a silly filename so it's always
# included after everything else. This provides aclocal with the
# AC_DEFUNs it wants, but when m4 processes it, it doesn't do anything
# because those macros already exist, or will be overwritten later.
# We use AC_DEFUN over AU_DEFUN for compatibility with aclocal-1.6.
#
# Anytime we withdraw an AC_DEFUN or AU_DEFUN, remember to add it here.
# Yes, that means every name once taken will need to remain here until
# we give up compatibility with versions before 1.7, at which point
# we need to keep only those names which we still refer to.
# This is to help aclocal find these macros, as it can't see m4_define.
AC_DEFUN([LTOBSOLETE_VERSION], [m4_if([1])])
m4_ifndef([AC_LIBTOOL_LINKER_OPTION], [AC_DEFUN([AC_LIBTOOL_LINKER_OPTION])])
m4_ifndef([AC_PROG_EGREP], [AC_DEFUN([AC_PROG_EGREP])])
m4_ifndef([_LT_AC_PROG_ECHO_BACKSLASH], [AC_DEFUN([_LT_AC_PROG_ECHO_BACKSLASH])])
m4_ifndef([_LT_AC_SHELL_INIT], [AC_DEFUN([_LT_AC_SHELL_INIT])])
m4_ifndef([_LT_AC_SYS_LIBPATH_AIX], [AC_DEFUN([_LT_AC_SYS_LIBPATH_AIX])])
m4_ifndef([_LT_PROG_LTMAIN], [AC_DEFUN([_LT_PROG_LTMAIN])])
m4_ifndef([_LT_AC_TAGVAR], [AC_DEFUN([_LT_AC_TAGVAR])])
m4_ifndef([AC_LTDL_ENABLE_INSTALL], [AC_DEFUN([AC_LTDL_ENABLE_INSTALL])])
m4_ifndef([AC_LTDL_PREOPEN], [AC_DEFUN([AC_LTDL_PREOPEN])])
m4_ifndef([_LT_AC_SYS_COMPILER], [AC_DEFUN([_LT_AC_SYS_COMPILER])])
m4_ifndef([_LT_AC_LOCK], [AC_DEFUN([_LT_AC_LOCK])])
m4_ifndef([AC_LIBTOOL_SYS_OLD_ARCHIVE], [AC_DEFUN([AC_LIBTOOL_SYS_OLD_ARCHIVE])])
m4_ifndef([_LT_AC_TRY_DLOPEN_SELF], [AC_DEFUN([_LT_AC_TRY_DLOPEN_SELF])])
m4_ifndef([AC_LIBTOOL_PROG_CC_C_O], [AC_DEFUN([AC_LIBTOOL_PROG_CC_C_O])])
m4_ifndef([AC_LIBTOOL_SYS_HARD_LINK_LOCKS], [AC_DEFUN([AC_LIBTOOL_SYS_HARD_LINK_LOCKS])])
m4_ifndef([AC_LIBTOOL_OBJDIR], [AC_DEFUN([AC_LIBTOOL_OBJDIR])])
m4_ifndef([AC_LTDL_OBJDIR], [AC_DEFUN([AC_LTDL_OBJDIR])])
m4_ifndef([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH], [AC_DEFUN([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH])])
m4_ifndef([AC_LIBTOOL_SYS_LIB_STRIP], [AC_DEFUN([AC_LIBTOOL_SYS_LIB_STRIP])])
m4_ifndef([AC_PATH_MAGIC], [AC_DEFUN([AC_PATH_MAGIC])])
m4_ifndef([AC_PROG_LD_GNU], [AC_DEFUN([AC_PROG_LD_GNU])])
m4_ifndef([AC_PROG_LD_RELOAD_FLAG], [AC_DEFUN([AC_PROG_LD_RELOAD_FLAG])])
m4_ifndef([AC_DEPLIBS_CHECK_METHOD], [AC_DEFUN([AC_DEPLIBS_CHECK_METHOD])])
m4_ifndef([AC_LIBTOOL_PROG_COMPILER_NO_RTTI], [AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_NO_RTTI])])
m4_ifndef([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE], [AC_DEFUN([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE])])
m4_ifndef([AC_LIBTOOL_PROG_COMPILER_PIC], [AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_PIC])])
m4_ifndef([AC_LIBTOOL_PROG_LD_SHLIBS], [AC_DEFUN([AC_LIBTOOL_PROG_LD_SHLIBS])])
m4_ifndef([AC_LIBTOOL_POSTDEP_PREDEP], [AC_DEFUN([AC_LIBTOOL_POSTDEP_PREDEP])])
m4_ifndef([LT_AC_PROG_EGREP], [AC_DEFUN([LT_AC_PROG_EGREP])])
m4_ifndef([LT_AC_PROG_SED], [AC_DEFUN([LT_AC_PROG_SED])])
m4_ifndef([_LT_CC_BASENAME], [AC_DEFUN([_LT_CC_BASENAME])])
m4_ifndef([_LT_COMPILER_BOILERPLATE], [AC_DEFUN([_LT_COMPILER_BOILERPLATE])])
m4_ifndef([_LT_LINKER_BOILERPLATE], [AC_DEFUN([_LT_LINKER_BOILERPLATE])])
m4_ifndef([_AC_PROG_LIBTOOL], [AC_DEFUN([_AC_PROG_LIBTOOL])])
m4_ifndef([AC_LIBTOOL_SETUP], [AC_DEFUN([AC_LIBTOOL_SETUP])])
m4_ifndef([_LT_AC_CHECK_DLFCN], [AC_DEFUN([_LT_AC_CHECK_DLFCN])])
m4_ifndef([AC_LIBTOOL_SYS_DYNAMIC_LINKER], [AC_DEFUN([AC_LIBTOOL_SYS_DYNAMIC_LINKER])])
m4_ifndef([_LT_AC_TAGCONFIG], [AC_DEFUN([_LT_AC_TAGCONFIG])])
m4_ifndef([AC_DISABLE_FAST_INSTALL], [AC_DEFUN([AC_DISABLE_FAST_INSTALL])])
m4_ifndef([_LT_AC_LANG_CXX], [AC_DEFUN([_LT_AC_LANG_CXX])])
m4_ifndef([_LT_AC_LANG_F77], [AC_DEFUN([_LT_AC_LANG_F77])])
m4_ifndef([_LT_AC_LANG_GCJ], [AC_DEFUN([_LT_AC_LANG_GCJ])])
m4_ifndef([AC_LIBTOOL_LANG_C_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_C_CONFIG])])
m4_ifndef([_LT_AC_LANG_C_CONFIG], [AC_DEFUN([_LT_AC_LANG_C_CONFIG])])
m4_ifndef([AC_LIBTOOL_LANG_CXX_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_CXX_CONFIG])])
m4_ifndef([_LT_AC_LANG_CXX_CONFIG], [AC_DEFUN([_LT_AC_LANG_CXX_CONFIG])])
m4_ifndef([AC_LIBTOOL_LANG_F77_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_F77_CONFIG])])
m4_ifndef([_LT_AC_LANG_F77_CONFIG], [AC_DEFUN([_LT_AC_LANG_F77_CONFIG])])
m4_ifndef([AC_LIBTOOL_LANG_GCJ_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_GCJ_CONFIG])])
m4_ifndef([_LT_AC_LANG_GCJ_CONFIG], [AC_DEFUN([_LT_AC_LANG_GCJ_CONFIG])])
m4_ifndef([AC_LIBTOOL_LANG_RC_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_RC_CONFIG])])
m4_ifndef([_LT_AC_LANG_RC_CONFIG], [AC_DEFUN([_LT_AC_LANG_RC_CONFIG])])
m4_ifndef([AC_LIBTOOL_CONFIG], [AC_DEFUN([AC_LIBTOOL_CONFIG])])
m4_ifndef([_LT_AC_FILE_LTDLL_C], [AC_DEFUN([_LT_AC_FILE_LTDLL_C])])
m4_ifndef([_LT_REQUIRED_DARWIN_CHECKS], [AC_DEFUN([_LT_REQUIRED_DARWIN_CHECKS])])
m4_ifndef([_LT_AC_PROG_CXXCPP], [AC_DEFUN([_LT_AC_PROG_CXXCPP])])
m4_ifndef([_LT_PREPARE_SED_QUOTE_VARS], [AC_DEFUN([_LT_PREPARE_SED_QUOTE_VARS])])
m4_ifndef([_LT_PROG_ECHO_BACKSLASH], [AC_DEFUN([_LT_PROG_ECHO_BACKSLASH])])
m4_ifndef([_LT_PROG_F77], [AC_DEFUN([_LT_PROG_F77])])
m4_ifndef([_LT_PROG_FC], [AC_DEFUN([_LT_PROG_FC])])
m4_ifndef([_LT_PROG_CXX], [AC_DEFUN([_LT_PROG_CXX])])

131
man/cryptopANT.3 Normal file
View file

@ -0,0 +1,131 @@
.\" Copyright (C) 2004-2024 by the University of Southern California
.\"
.\" This program is free software; you can redistribute it and/or
.\" modify it under the terms of the GNU General Public License,
.\" version 2, as published by the Free Software Foundation.
.\"
.\" This program is distributed in the hope that it will be useful,
.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
.\" GNU General Public License for more details.
.\"
.\" You should have received a copy of the GNU General Public License along
.\" with this program; if not, write to the Free Software Foundation, Inc.,
.\" 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
.\"
.TH cryptopANT 3cryptopANT "2024-01-24"
.SH NAME
cryptopANT \- IP Address Anonymization Library
.SH SYNOPSIS
.nf
.ft B
#include <cryptopANT.h>
.LP
.ft B
.ft
.fi
.SH DESCRIPTION
The cryptopANT ip address anonymization library
implements techniques for IPv4 and IPv6 address anonymization first
described in:
.PP
.I
.IP "'Prefix-Preserving IP Address Anonymization',"
Computer Networks, Volume 46, Issue 2, 7 October 2004, Pages 253-272, Elsevier.
.PP
commonly known as Crypto-PAn.
.PP
.PP
This implementation is provided by USC/ISI ANT project:
.B "http://ant.isi.edu"
.PP
.SS
.SS API Overview
.PP
.EX
.BR "int scramble_init_from_file(const char *keyfile, scramble_crypt_t c4, scramble_crypt_t c6, int *do_mac)"
.EE
.IP
Initializes library from a keyfile and sets up underlying cryptographical mechanism for scrambling
of IPv4 (c4) and IPv6 (c6) addresses. See
.BR scramble_crypt_t
for possible values of c4 and c6. Typically used are:
.BR SCRAMBLE_NONE
for no scrambling or
.BR SCRAMBLE_AES
for scrambling using fast AES cypher. If the keyfile does not exist, it is created.
This function internally calls
.BR scramble_readstate()
and
.BR scrable_init().
Returns 0 if successful.
.BR SCRAMBLE_BLOWFISH
uses blowfish cypher. While previously widely used, it's no longer recommended, as scrambling
of ipv6 addresses can be very slow.
.P
.EX
.BR "int32_t scramble_ip4(uint32_t input, int pass_bits)"
.BR "int32_t unscramble_ip4(uint32_t input, int pass_bits)"
.EE
.IP
Scrambles or un-scrambles (input) IP address passing through first (pass_bits); the scrambled
ip address is returned. Please note that even if (pass_bits) is 0, first few
bits will be passed through to preserve class of the input IP. Both input and
output IPs are in network byte order.
Note that unscrambling is a costly operation and unscrambling a large number
of different addresses can take a long time.
.PP
.EX
.BR "void scramble_ip6(struct in6_addr *input, int pass_bits)"
.BR "void unscramble_ip6(struct in6_addr *input, int pass_bits)"
.EE
.IP
Scrambles or un-scrambles IPv6 address pointed to by (input)
.B "in-place"
, passing through first (pass_bits). Addresses are in network byte order.
Note that unscrambling is a costly operation and unscrambling a large number
of different addresses can take a long time.
.PP
.EX
.BR "int scramble_readstate(const char *keyfile, scramble_state_t *s)"
.BR "int scramble_savestate(const char *keyfile, const scramble_state_t *s)"
.EE
.IP
These functions can read scrambling keys from keyfile into
memory pointed to by (s), or save/write previously initialized state (s)
to a (keyfile). After state is read, the library still needs to be
initialized by calling
.B scramble_init()
Return 0 on success.
.PP
.EX
.BR "int scramble_init(const scramble_state_t *s)"
.EE
.PP
.IP
Initializes library using state pointed by (s). Returns 0 on success.
.SH SEE ALSO
.BR scramble_ips
.IP
is a binary for anonymizing textual IP addresses, which comes packaged with this library
.EP
.PP
.SH AUTHORS
The cryptopANT library was written by
.IP "Yuri Pradkin,"
University of Southern California, Information Sciences Institute, CA.
.EP
.LP
The current version is available from "ANT Project"'s Web site at
.LP
.RS
.I http://ant.isi.edu
.RE
.SH BUGS
Please send problems, bugs, questions, desirable enhancements, etc. to:
.LP
.RS
ant@isi.edu
.RE

215
missing Executable file
View file

@ -0,0 +1,215 @@
#! /bin/sh
# Common wrapper for a few potentially missing GNU programs.
scriptversion=2018-03-07.03; # UTC
# Copyright (C) 1996-2021 Free Software Foundation, Inc.
# Originally written by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996.
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
# configuration script generated by Autoconf, you may include it under
# the same distribution terms that you use for the rest of that program.
if test $# -eq 0; then
echo 1>&2 "Try '$0 --help' for more information"
exit 1
fi
case $1 in
--is-lightweight)
# Used by our autoconf macros to check whether the available missing
# script is modern enough.
exit 0
;;
--run)
# Back-compat with the calling convention used by older automake.
shift
;;
-h|--h|--he|--hel|--help)
echo "\
$0 [OPTION]... PROGRAM [ARGUMENT]...
Run 'PROGRAM [ARGUMENT]...', returning a proper advice when this fails due
to PROGRAM being missing or too old.
Options:
-h, --help display this help and exit
-v, --version output version information and exit
Supported PROGRAM values:
aclocal autoconf autoheader autom4te automake makeinfo
bison yacc flex lex help2man
Version suffixes to PROGRAM as well as the prefixes 'gnu-', 'gnu', and
'g' are ignored when checking the name.
Send bug reports to <bug-automake@gnu.org>."
exit $?
;;
-v|--v|--ve|--ver|--vers|--versi|--versio|--version)
echo "missing $scriptversion (GNU Automake)"
exit $?
;;
-*)
echo 1>&2 "$0: unknown '$1' option"
echo 1>&2 "Try '$0 --help' for more information"
exit 1
;;
esac
# Run the given program, remember its exit status.
"$@"; st=$?
# If it succeeded, we are done.
test $st -eq 0 && exit 0
# Also exit now if we it failed (or wasn't found), and '--version' was
# passed; such an option is passed most likely to detect whether the
# program is present and works.
case $2 in --version|--help) exit $st;; esac
# Exit code 63 means version mismatch. This often happens when the user
# tries to use an ancient version of a tool on a file that requires a
# minimum version.
if test $st -eq 63; then
msg="probably too old"
elif test $st -eq 127; then
# Program was missing.
msg="missing on your system"
else
# Program was found and executed, but failed. Give up.
exit $st
fi
perl_URL=https://www.perl.org/
flex_URL=https://github.com/westes/flex
gnu_software_URL=https://www.gnu.org/software
program_details ()
{
case $1 in
aclocal|automake)
echo "The '$1' program is part of the GNU Automake package:"
echo "<$gnu_software_URL/automake>"
echo "It also requires GNU Autoconf, GNU m4 and Perl in order to run:"
echo "<$gnu_software_URL/autoconf>"
echo "<$gnu_software_URL/m4/>"
echo "<$perl_URL>"
;;
autoconf|autom4te|autoheader)
echo "The '$1' program is part of the GNU Autoconf package:"
echo "<$gnu_software_URL/autoconf/>"
echo "It also requires GNU m4 and Perl in order to run:"
echo "<$gnu_software_URL/m4/>"
echo "<$perl_URL>"
;;
esac
}
give_advice ()
{
# Normalize program name to check for.
normalized_program=`echo "$1" | sed '
s/^gnu-//; t
s/^gnu//; t
s/^g//; t'`
printf '%s\n' "'$1' is $msg."
configure_deps="'configure.ac' or m4 files included by 'configure.ac'"
case $normalized_program in
autoconf*)
echo "You should only need it if you modified 'configure.ac',"
echo "or m4 files included by it."
program_details 'autoconf'
;;
autoheader*)
echo "You should only need it if you modified 'acconfig.h' or"
echo "$configure_deps."
program_details 'autoheader'
;;
automake*)
echo "You should only need it if you modified 'Makefile.am' or"
echo "$configure_deps."
program_details 'automake'
;;
aclocal*)
echo "You should only need it if you modified 'acinclude.m4' or"
echo "$configure_deps."
program_details 'aclocal'
;;
autom4te*)
echo "You might have modified some maintainer files that require"
echo "the 'autom4te' program to be rebuilt."
program_details 'autom4te'
;;
bison*|yacc*)
echo "You should only need it if you modified a '.y' file."
echo "You may want to install the GNU Bison package:"
echo "<$gnu_software_URL/bison/>"
;;
lex*|flex*)
echo "You should only need it if you modified a '.l' file."
echo "You may want to install the Fast Lexical Analyzer package:"
echo "<$flex_URL>"
;;
help2man*)
echo "You should only need it if you modified a dependency" \
"of a man page."
echo "You may want to install the GNU Help2man package:"
echo "<$gnu_software_URL/help2man/>"
;;
makeinfo*)
echo "You should only need it if you modified a '.texi' file, or"
echo "any other file indirectly affecting the aspect of the manual."
echo "You might want to install the Texinfo package:"
echo "<$gnu_software_URL/texinfo/>"
echo "The spurious makeinfo call might also be the consequence of"
echo "using a buggy 'make' (AIX, DU, IRIX), in which case you might"
echo "want to install GNU make:"
echo "<$gnu_software_URL/make/>"
;;
*)
echo "You might have modified some files without having the proper"
echo "tools for further handling them. Check the 'README' file, it"
echo "often tells you about the needed prerequisites for installing"
echo "this package. You may also peek at any GNU archive site, in"
echo "case some other package contains this missing '$1' program."
;;
esac
}
give_advice "$1" | sed -e '1s/^/WARNING: /' \
-e '2,$s/^/ /' >&2
# Propagate the correct exit status (expected to be 127 for a program
# not found, 63 for a program that failed due to version mismatch).
exit $st
# Local variables:
# eval: (add-hook 'before-save-hook 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC0"
# time-stamp-end: "; # UTC"
# End:

138
src/config.h.in Normal file
View file

@ -0,0 +1,138 @@
/* src/config.h.in. Generated from configure.ac by autoheader. */
/* Define if building universal (internal helper macro) */
#undef AC_APPLE_UNIVERSAL_BUILD
/* Define to 1 if you have the <dlfcn.h> header file. */
#undef HAVE_DLFCN_H
/* Define to 1 if you have the <inttypes.h> header file. */
#undef HAVE_INTTYPES_H
/* Define to 1 if you have the `crypto' library (-lcrypto). */
#undef HAVE_LIBCRYPTO
/* Define to 1 if you have the <openssl/aes.h> header file. */
#undef HAVE_OPENSSL_AES_H
/* Define to 1 if you have the <openssl/blowfish.h> header file. */
#undef HAVE_OPENSSL_BLOWFISH_H
/* Define to 1 if you have the <openssl/core_names.h> header file. */
#undef HAVE_OPENSSL_CORE_NAMES_H
/* Define to 1 if you have the <openssl/err.h> header file. */
#undef HAVE_OPENSSL_ERR_H
/* Define to 1 if you have the <openssl/evp.h> header file. */
#undef HAVE_OPENSSL_EVP_H
/* Define to 1 if you have the <openssl/md5.h> header file. */
#undef HAVE_OPENSSL_MD5_H
/* Define to 1 if you have the <openssl/provider.h> header file. */
#undef HAVE_OPENSSL_PROVIDER_H
/* Define to 1 if you have the <openssl/sha.h> header file. */
#undef HAVE_OPENSSL_SHA_H
/* Define to 1 if you have the `regcomp' function. */
#undef HAVE_REGCOMP
/* Define to 1 if you have the `regexec' function. */
#undef HAVE_REGEXEC
/* Define to 1 if you have the <regex.h> header file. */
#undef HAVE_REGEX_H
/* S6_ADDR32 is present in in6_addr when defined */
#undef HAVE_S6_ADDR32
/* Define to 1 if you have the <stdint.h> header file. */
#undef HAVE_STDINT_H
/* Define to 1 if you have the <stdio.h> header file. */
#undef HAVE_STDIO_H
/* Define to 1 if you have the <stdlib.h> header file. */
#undef HAVE_STDLIB_H
/* Define to 1 if you have the <strings.h> header file. */
#undef HAVE_STRINGS_H
/* Define to 1 if you have the <string.h> header file. */
#undef HAVE_STRING_H
/* Define to 1 if you have the `strlcpy' function. */
#undef HAVE_STRLCPY
/* Define to 1 if you have the <sys/stat.h> header file. */
#undef HAVE_SYS_STAT_H
/* Define to 1 if you have the <sys/types.h> header file. */
#undef HAVE_SYS_TYPES_H
/* Define to 1 if you have the <unistd.h> header file. */
#undef HAVE_UNISTD_H
/* U6_ADDR32 is present in in6_addr when defined */
#undef HAVE__U6_ADDR32
/* Define to the sub-directory where libtool stores uninstalled libraries. */
#undef LT_OBJDIR
/* Name of package */
#undef PACKAGE
/* Define to the address where bug reports for this package should be sent. */
#undef PACKAGE_BUGREPORT
/* Define to the full name of this package. */
#undef PACKAGE_NAME
/* Define to the full name and version of this package. */
#undef PACKAGE_STRING
/* Define to the one symbol short name of this package. */
#undef PACKAGE_TARNAME
/* Define to the home page for this package. */
#undef PACKAGE_URL
/* Define to the version of this package. */
#undef PACKAGE_VERSION
/* Define to 1 if all of the C90 standard headers exist (not just the ones
required in a freestanding environment). This macro is provided for
backward compatibility; new code need not use it. */
#undef STDC_HEADERS
/* Version number of package */
#undef VERSION
/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
significant byte first (like Motorola and SPARC, unlike Intel). */
#if defined AC_APPLE_UNIVERSAL_BUILD
# if defined __BIG_ENDIAN__
# define WORDS_BIGENDIAN 1
# endif
#else
# ifndef WORDS_BIGENDIAN
# undef WORDS_BIGENDIAN
# endif
#endif
/* Define for Solaris 2.5.1 so the uint32_t typedef from <sys/synch.h>,
<pthread.h>, or <semaphore.h> is not used. If the typedef were allowed, the
#define below would cause a syntax error. */
#undef _UINT32_T
/* Define to empty if `const' does not conform to ANSI C. */
#undef const
/* Define to `unsigned int' if <sys/types.h> does not define. */
#undef size_t
/* Define to the type of an unsigned integer type of width exactly 32 bits if
such a type exists and the standard includes do not define it. */
#undef uint32_t

847
src/cryptopANT.c Normal file
View file

@ -0,0 +1,847 @@
/* -*- Mode:C; c-basic-offset:8; tab-width:8; indent-tabs-mode:t -*- */
/*
* Copyright (C) 2004-2024 by the University of Southern California
* $Id: cdc84b9fca5b7bc01d665de67bbe6358d0a8131f $
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License,
* version 2, as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
*
*/
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <netinet/in.h>
#include <fcntl.h>
#include <stdint.h>
#include <ctype.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
#include <assert.h>
#include <openssl/evp.h>
#include <openssl/md5.h>
#include <openssl/blowfish.h>
#include <openssl/sha.h>
#include <openssl/aes.h>
#include <openssl/err.h>
#include <openssl/core_names.h>
#include <openssl/provider.h>
#include "cryptopANT.h"
#include "config.h"
#define MAX_BLK_LENGTH 32
#define CACHE_BITS 24 /* How many bits of IPv4 we cache, cannot be zero */
#define BF_KEYLEN 16 /* bytes */
#define TEST_CACHE 0
#define RESET_ETHER_MCAST(p) (*(char*)(p) &= 0xfe)
#ifndef MAX
#define MAX(a,b) ((a) > (b) ? (a) : (b))
#endif
#if HAVE__U6_ADDR32
#define s6_addr32 __u6_addr.__u6_addr32
#endif
//determined by autoconf
#ifdef WORDS_BIGENDIAN
//sigh, older version of the code was not byte-order safe; this is needed
//to ensure backward compatibility AND compatibility with BE-systems.
#include <byteswap.h>
#define cryptopant_swap32(x) bswap_32(x)
#else
#define cryptopant_swap32(x) (x)
#endif
typedef struct ipv4_hash_blk_ {
uint32_t ip4;
uint8_t pad[MAX_BLK_LENGTH - sizeof(uint32_t)];
} ipv4_hash_blk_t;
typedef struct ipv6_hash_blk_ {
struct in6_addr ip6;
uint8_t pad[MAX_BLK_LENGTH - sizeof(struct in6_addr)];
} ipv6_hash_blk_t;
uint8_t scramble_ether_addr[ETHER_ADDR_LEN];
uint16_t scramble_ether_vlan;
int scramble_mac;
static int readhexstring (FILE *, u_char *, int *);
static uint32_t ip4cache[1<<CACHE_BITS];
static uint32_t ip4pad; /* first 4 bytes of pad */
static uint32_t ip6pad[4];
static u_char scramble_mac_buf[MAX_BLK_LENGTH];
static u_char scramble_key[MAX_BLK_LENGTH];
static uint8_t ivec[64];
/* statistics */
static long ipv4_cache_hits = 0;
static long ipv4_anon_calls = 0;
static long ipv6_anon_calls = 0;
static ipv4_hash_blk_t b4_in, b4_out;
static ipv6_hash_blk_t b6_in, b6_out;
static scramble_crypt_t scramble_crypto4 = SCRAMBLE_AES;
static scramble_crypt_t scramble_crypto6 = SCRAMBLE_AES;
/* openssl EVP pointers */
static EVP_CIPHER_CTX *ctx4, *ctx6;
static EVP_CIPHER *cipher4, *cipher6;
static EVP_MD_CTX *mdctx4, *mdctx6;
static EVP_MD *md4, *md6;
static struct {
char *name;
scramble_crypt_t type;
} scramble_names[] = {
{ "md5", SCRAMBLE_MD5 },
{ "blowfish", SCRAMBLE_BLOWFISH },
{ "aes", SCRAMBLE_AES },
{ "sha", SCRAMBLE_SHA1 },
};
const char *
scramble_type2name(scramble_crypt_t t)
{
int i;
for (i = 0; i < sizeof(scramble_names)/sizeof(scramble_names[0]); ++i)
if (scramble_names[i].type == t)
return scramble_names[i].name;
return NULL;
}
scramble_crypt_t
scramble_name2type(const char *name)
{
int i;
for (i = 0; i < sizeof(scramble_names)/sizeof(scramble_names[0]); ++i)
if (strcasecmp(name, scramble_names[i].name) == 0)
return scramble_names[i].type;
return SCRAMBLE_NONE;
}
scramble_crypt_t
scramble_crypto_ip4(void)
{
return scramble_crypto4;
}
scramble_crypt_t
scramble_crypto_ip6(void)
{
return scramble_crypto6;
}
int
scramble_newkey(u_char *key, int klen)
{
FILE *rnd = fopen(SCRAMBLE_RANDOM_DEV, "r");
if (rnd == NULL) {
perror("scramble_newkey(): fopen");
return -1;
}
if (fread(key, 1, klen, rnd) != klen) {
perror("scramble_newkey(): fread");
fclose(rnd);
return -1;
}
fclose(rnd);
return 0;
}
int
scramble_newpad(u_char *pad, int plen)
{
FILE *rnd = fopen(SCRAMBLE_RANDOM_DEV, "r");
if (rnd == NULL) {
perror("scramble_newpad(): fopen");
return -1;
}
if (fread(pad, 1, plen, rnd) != plen) {
perror("scramble_newpad(): fread");
fclose(rnd);
return -1;
}
fclose(rnd);
return 0;
}
int
scramble_newmac(u_char *mac, int mlen)
{
FILE *rnd = fopen(SCRAMBLE_RANDOM_DEV, "r");
if (rnd == NULL) {
perror("scramble_newkey(): fopen");
return -1;
}
if (fread(mac, 1, mlen, rnd) != mlen) {
perror("scramble_newkey(): fread");
fclose(rnd);
return -1;
}
fclose(rnd);
return 0;
}
int
scramble_newiv(u_char *iv, int ivlen)
{
FILE *rnd = fopen(SCRAMBLE_RANDOM_DEV, "r");
if (rnd == NULL) {
perror("scramble_newiv(): fopen");
return -1;
}
if (fread(iv, 1, ivlen, rnd) != ivlen) {
perror("scramble_newiv(): fread");
fclose(rnd);
return -1;
}
fclose(rnd);
return 0;
}
/* read a hex string from fd at current position and store it in s */
static int
readhexstring(FILE *f, u_char *s, int *len)
{
char c = 0;
int i;
for (i = 0; i < *len + 1; ++i) {
switch (fread(&c, 1, 1, f)) {
case 0:
*len = i;
return 0;
case 1:
break;
default:
return -1;
}
if (!isxdigit(c)) {
*len = i;
return 0;
}
s[i] = ((isdigit(c)) ? c - '0' : tolower(c) - 'a' + 10) << 4;
if (fread(&c, 1, 1, f) != 1) {
*len = i;
return -1; /* error: a byte has 2 digits */
}
if (!isxdigit(c)) {
*len = i;
return -1;
}
s[i] |= (isdigit(c)) ? c - '0' : tolower(c) - 'a' + 10;
}
if (i == *len + 1)
return -1; /* means buffer is too short */
return 0;
}
int
scramble_readstate(const char *fn, scramble_state_t *s)
{
u_char c4, c6;
int l4 = 1, l6 = 1;
FILE *f = fopen(fn, "r");
if (f == NULL) {
perror("scramble_readstate(): fopen");
return -1;
}
if (readhexstring(f, (u_char*)&c4, &l4) != 0) {
fprintf(stderr, "scramble_readstate(): error reading c4");
fclose(f);
return -1;
}
assert(l4 == 1);
s->c4 = (scramble_crypt_t)c4;
if (readhexstring(f, (u_char*)&c6, &l6) != 0) {
fprintf(stderr, "scramble_readstate(): error reading c6");
fclose(f);
return -1;
}
assert(l6 == 1);
s->c6 = (scramble_crypt_t)c6;
if (readhexstring(f, s->key, &s->klen) != 0) {
fprintf(stderr, "scramble_readstate(): error reading key");
fclose(f);
return -1;
}
if (readhexstring(f, s->pad, &s->plen) != 0) {
fprintf(stderr, "scramble_readstate(): error reading pad");
fclose(f);
return -1;
}
if (readhexstring(f, s->mac, &s->mlen) != 0) {
fprintf(stderr, "scramble_readstate(): error reading mac");
fclose(f);
return -1;
}
if (readhexstring(f, s->iv, &s->ivlen) != 0) {
fprintf(stderr, "scramble_readstate(): error reading iv");
fclose(f);
return -1;
}
fclose(f);
return 0;
}
int
scramble_savestate(const char *fn, const scramble_state_t *s)
{
int i;
/* set restrictive mode */
int fd = creat(fn, S_IRUSR|S_IWUSR);
if (fd < 0) {
perror("scramble_savestate(): open");
return -1;
}
FILE *f = fdopen(fd, "w");
if (f == NULL) {
perror("scramble_savestate(): fopen");
return -1;
}
if (fprintf(f, "%02x:%02x:", (unsigned)s->c4, (unsigned)s->c6) < 0) {
perror("scramble_savestate(): error saving cryptos");
fclose(f);
return -1;
}
for (i = 0; i < s->klen; ++i) {
if (fprintf(f, "%02x", s->key[i]) < 0) {
perror("scramble_savestate(): error saving key");
fclose(f);
return -1;
}
}
fprintf(f, ":");
for (i = 0; i < s->plen; ++i) {
if (fprintf(f, "%02x", s->pad[i]) < 0) {
perror("scramble_savestate(): error saving pad");
fclose(f);
return -1;
}
}
fprintf(f, ":");
for (i = 0; i < s->mlen; ++i) {
if (fprintf(f, "%02x", s->mac[i]) < 0) {
perror("scramble_savestate(): error saving mac");
fclose(f);
return -1;
}
}
fprintf(f, ":");
for (i = 0; i < s->ivlen; ++i) {
if (fprintf(f, "%02x", s->iv[i]) < 0) {
perror("scramble_savestate(): error saving lv");
fclose(f);
return -1;
}
}
fprintf(f, "\n");
fclose(f);
return 0;
}
void
scramble_cleanup()
{
// openssl evp cleanup
if (ctx4 != NULL) {
EVP_CIPHER_CTX_free(ctx4);
ctx4 = NULL;
}
if (ctx6 != NULL) {
EVP_CIPHER_CTX_free(ctx6);
ctx6 = NULL;
}
if (mdctx4 != NULL) {
EVP_MD_CTX_free(mdctx4);
mdctx4 = NULL;
}
if (mdctx6 != NULL) {
EVP_MD_CTX_free(mdctx6);
mdctx6 = NULL;
}
if (cipher4 != NULL) {
EVP_CIPHER_free(cipher4);
cipher4 = NULL;
}
if (cipher6 != NULL) {
EVP_CIPHER_free(cipher6);
cipher6 = NULL;
}
if (md4 != NULL) {
EVP_MD_free(md4);
md4 = NULL;
}
if (md6 != NULL) {
EVP_MD_free(md6);
md6 = NULL;
}
}
int
scramble_init(const scramble_state_t *s)
{
int plen;
if (s->plen > MAX_BLK_LENGTH)
plen = MAX_BLK_LENGTH;
else
plen = s->plen;
scramble_crypto4 = s->c4;
scramble_crypto6 = s->c6;
memcpy(&b4_in, s->pad, plen);
ip4pad = cryptopant_swap32(b4_in.ip4);
memcpy(&b6_in, s->pad, s->plen);
ip6pad[0] = b6_in.ip6.s6_addr32[0];
ip6pad[1] = b6_in.ip6.s6_addr32[1];
ip6pad[2] = b6_in.ip6.s6_addr32[2];
ip6pad[3] = b6_in.ip6.s6_addr32[3];
memcpy(scramble_key, s->key, s->klen);
// create contexts (will not need them all)
ctx4 = EVP_CIPHER_CTX_new();
ctx6 = EVP_CIPHER_CTX_new();
mdctx4 = EVP_MD_CTX_new();
mdctx6 = EVP_MD_CTX_new();
// fetch ciphers and digests
void *res_ctx = NULL, *res_crypt = NULL;
switch(s->c4) {
case SCRAMBLE_AES:
OSSL_PROVIDER_load(NULL, "default");
cipher4 = EVP_CIPHER_fetch(NULL, "AES-128-ECB", "provider=default");
res_ctx = ctx4;
res_crypt = cipher4;
break;
case SCRAMBLE_BLOWFISH:
OSSL_PROVIDER_load(NULL, "legacy");
cipher4 = EVP_CIPHER_fetch(NULL, "BF-ECB", "provider=legacy");
if (cipher4 == NULL) {
cipher4 = EVP_CIPHER_fetch(NULL, "BF-ECB", NULL);
}
res_ctx = ctx4;
res_crypt = cipher4;
break;
case SCRAMBLE_SHA1:
md4 = EVP_MD_fetch(NULL, "SHA1", NULL);
res_ctx = mdctx4;
res_crypt = md4;
break;
case SCRAMBLE_MD5:
md4 = EVP_MD_fetch(NULL, "MD5", NULL);
res_ctx = mdctx4;
res_crypt = md4;
break;
case SCRAMBLE_NONE:
break;
default:
fprintf(stderr,
"scramble_init(): unsupported ipv4 scrambling crypto: %d\n", s->c4);
return -1;
}
if (s->c4 != SCRAMBLE_NONE && (res_ctx == NULL || res_crypt == NULL)) {
fprintf(stderr,
"scramble_init(): EVP ip4 init failures %p %p\n", res_ctx, res_crypt);
return -1;
}
res_ctx = res_crypt = NULL;
switch(s->c6) {
case SCRAMBLE_AES:
OSSL_PROVIDER_load(NULL, "default");
cipher6 = EVP_CIPHER_fetch(NULL, "AES-128-ECB", "provider=default");
res_ctx = ctx6;
res_crypt = cipher6;
break;
case SCRAMBLE_BLOWFISH:
OSSL_PROVIDER_load(NULL, "legacy");
cipher6 = EVP_CIPHER_fetch(NULL, "BF-CBC", "provider=legacy");
if (cipher6 == NULL) {
cipher6 = EVP_CIPHER_fetch(NULL, "BF-ECB", NULL);
}
res_ctx = ctx6;
res_crypt = cipher6;
break;
case SCRAMBLE_SHA1:
md6 = EVP_MD_fetch(NULL, "SHA1", NULL);
res_ctx = mdctx6;
res_crypt = md6;
break;
case SCRAMBLE_MD5:
md6 = EVP_MD_fetch(NULL, "MD5", NULL);
res_ctx = mdctx6;
res_crypt = md6;
break;
case SCRAMBLE_NONE:
break;
default:
fprintf(stderr,
"scramble_init(): unsupported ipv6 scrambling crypto: %d\n", s->c6);
return -1;
}
if (s->c6 != SCRAMBLE_NONE && (res_ctx == NULL || res_crypt == NULL)) {
fprintf(stderr,
"scramble_init(): EVP ip6 init failures %p %p\n", res_ctx, res_crypt);
return -1;
}
if (cipher4 != NULL) {
if (!EVP_EncryptInit_ex2(ctx4, cipher4, scramble_key, ivec, NULL)) {
fprintf(stderr,
"scramble_init(): EVP_EncryptInit_ex2 failed:");
ERR_print_errors_fp(stderr);
return -1;
}
}
if (cipher6 != NULL) {
if (!EVP_EncryptInit_ex2(ctx6, cipher6, scramble_key, ivec, NULL)) {
fprintf(stderr,
"scramble_init(): EVP_EncryptInit_ex2 failed:");
ERR_print_errors_fp(stderr);
return -1;
}
}
// don't need to init anything for digests
scramble_mac = 0;
memcpy(scramble_mac_buf, s->mac, s->mlen);
if (s->mlen > 0) {
scramble_mac = 1;
if (s->mlen < ETHER_ADDR_LEN + ETHER_VLAN_LEN) {
fprintf(stderr,
"scramble_init(): mac string is too short (%d)\n",
s->mlen);
return -1;
}
}
memcpy(scramble_ether_addr, scramble_mac_buf, ETHER_ADDR_LEN);
/* we don't want to map ether unicast to multicast and visa versa */
RESET_ETHER_MCAST(scramble_ether_addr);
memcpy(&scramble_ether_vlan, scramble_mac_buf + ETHER_ADDR_LEN, ETHER_VLAN_LEN);
return 0;
}
/* init everything from file, if it doesn't exist, create it */
int
scramble_init_from_file(const char *fn, scramble_crypt_t c4, scramble_crypt_t c6, int *do_mac)
{
// OSSL_PROVIDER *legacy_, *default_;
u_char pad[MAX_BLK_LENGTH];
u_char key[MAX_BLK_LENGTH];
u_char mac[MAX_BLK_LENGTH];
u_char iv[MAX_BLK_LENGTH];
scramble_state_t s;
FILE *f;
s.pad = pad;
s.key = key;
s.mac = mac;
s.iv = iv;
if ((f = fopen(fn, "r")) == NULL) {
if (errno != ENOENT) {
perror("scamble_init_file(): fopen");
return -1;
}
if (c4 == SCRAMBLE_NONE || c6 == SCRAMBLE_NONE)
return -1;
/* file doesn't exist, create it */
s.c4 = c4;
s.c6 = c6;
s.plen = MAX_BLK_LENGTH;
s.klen = 16; /* XXX */
s.ivlen = 16;
if (scramble_newpad(pad, s.plen) < 0)
return -1;
if (scramble_newkey(key, s.klen) < 0)
return -1;
if (scramble_newiv(iv, s.ivlen) < 0)
return -1;
if (do_mac && *do_mac) {
s.mlen = ETHER_ADDR_LEN + ETHER_VLAN_LEN;
if (scramble_newmac(mac, s.mlen) < 0)
return -1;
} else
s.mlen = 0;
if (scramble_savestate(fn, &s) < 0)
return -1;
} else {
fclose(f);
s.plen = MAX_BLK_LENGTH;
s.klen = MAX_BLK_LENGTH;
s.mlen = MAX_BLK_LENGTH;
s.ivlen = MAX_BLK_LENGTH;
if (scramble_readstate(fn, &s) < 0)
return -1;
if (do_mac)
*do_mac = (s.mlen > 0);
}
if (scramble_init(&s) < 0)
return -1;
return 0;
}
/* scramble IPv4 addresses, input and output are in network byte order */
uint32_t
scramble_ip4(uint32_t input, int pass_bits) {
uint32_t output = 0;
uint32_t m = 0xffffffff << 1;
int i = 31;
int class_bits = 0;
int pbits = 0;
int outlen;
#define MAX_CLASS_BITS 4
static int _class_bits[1<<MAX_CLASS_BITS] = {
1,1,1,1,1,1,1,1, /* class A: preserve 1 bit */
2,2,2,2, /* class B: preserve 2 bits */
3,3, /* class C: preserve 3 bits */
4, /* class D: preserve 4 bits */
32 /* class bad, preserve all */
};
uint32_t *cp;
input = ntohl(input);
cp = ip4cache + (input >> (32 - CACHE_BITS));
assert(pass_bits >= 0 && pass_bits < 33);
++ipv4_anon_calls;
b4_in.ip4 = input;
class_bits = _class_bits[input >> (32-MAX_CLASS_BITS)];
// check cache first
output = *cp;
if (output != 0) {
output <<= (32 - CACHE_BITS);
if (class_bits < CACHE_BITS)
class_bits = CACHE_BITS;
++ipv4_cache_hits;
}
pbits = MAX(pass_bits, class_bits);
for (i = 31; i > pbits - 1; --i) {
/* pass through 'i' highest bits of ip4 */
b4_in.ip4 &= m;
/* the following could be:
* b4_in.ip4 |= (ip4pad & ~m); */
b4_in.ip4 |= (ip4pad >> i);
b4_in.ip4 = cryptopant_swap32(b4_in.ip4);
uint mdlen = MD5_DIGEST_LENGTH;
switch (scramble_crypto4) {
case SCRAMBLE_BLOWFISH:
if (!EVP_CipherUpdate(ctx4, (u_char*)&b4_out, &outlen, (u_char*)&b4_in, BF_BLOCK)) {
/* Error */
fprintf(stderr, "scramble_ip4(): EVP_CipherUpdate failed");
abort();
}
case SCRAMBLE_AES:
if (!EVP_CipherUpdate(ctx4, (u_char*)&b4_out, &outlen, (u_char*)&b4_in, AES_BLOCK_SIZE)) {
/* Error */
fprintf(stderr, "scramble_ip4(): EVP_CipherUpdate failed");
abort();
}
break;
case SCRAMBLE_SHA1:
mdlen = SHA_DIGEST_LENGTH;
// fallthrough
case SCRAMBLE_MD5:
if (!EVP_DigestInit_ex2(mdctx4, md4, NULL) ||
!EVP_DigestUpdate(mdctx4, (u_char*)&b4_in, mdlen) ||
!EVP_DigestFinal_ex(mdctx4, (u_char*)&b4_out, &mdlen)) {
/* Error */
fprintf(stderr, "scramble_ip4(): EVP_Digest* failed");
abort();
}
break;
default:
abort();
}
output |= (( *((u_char*)&b4_out.ip4) & 1) << (31 - i));
b4_in.ip4 = cryptopant_swap32(b4_in.ip4);
m <<= 1;
}
/* output == 0 is OK, means pass address unchanged */
*cp = (output >> (32 - CACHE_BITS));
return htonl(output ^ input);
}
/* scramble ipv6 address in place, in network byte order */
void
scramble_ip6(struct in6_addr *input, int pass_bits)
{
struct in6_addr output;
int i, w;
int pbits = pass_bits;
++ipv6_anon_calls;
b6_in.ip6.s6_addr32[0] = ip6pad[0]; /* XXX this one not needed */
b6_in.ip6.s6_addr32[1] = ip6pad[1];
b6_in.ip6.s6_addr32[2] = ip6pad[2];
b6_in.ip6.s6_addr32[3] = ip6pad[3];
int outlen = AES_BLOCK_SIZE;
uint mdlen;
for (w = 0; w < 4; ++w) {
uint32_t m = 0xffffffff << 1;
uint32_t x = ntohl(input->s6_addr32[w]);
uint32_t hpad = ntohl(ip6pad[w]);
output.s6_addr32[w] = 0;
/* anonymize x, using hpad */
for (i = 31; i > pbits - 1; --i) {
/* pass through 'i' highest bits of the word */
x &= m;
/* the following could be:
* x |= (hpad & ~m); */
x |= (hpad >> i);
b6_in.ip6.s6_addr32[w] = htonl(x);
/* hashing proper */
switch (scramble_crypto6) {
case SCRAMBLE_BLOWFISH:
/* use BF in chain mode */
EVP_CIPHER_CTX_reset(ctx6);
if (!EVP_EncryptInit_ex2(ctx6, cipher6, scramble_key, ivec, NULL)) {
fprintf(stderr,
"scramble_init(): EVP_EncryptInit_ex2 failed:");
ERR_print_errors_fp(stderr);
}
if (!EVP_CipherUpdate(ctx6, (u_char*)&b6_out, &outlen, (u_char*)&b6_in, sizeof(b6_in))) {
/* Error */
fprintf(stderr, "scramble_ip6(): EVP_CipherUpdate failed\n");
ERR_print_errors_fp(stderr);
}
break;
case SCRAMBLE_AES:
if (!EVP_CipherUpdate(ctx6, (u_char*)&b6_out, &outlen, (u_char*)&b6_in, AES_BLOCK_SIZE)) {
/* Error */
fprintf(stderr, "scramble_ip6(): EVP_CipherUpdate failed");
}
break;
case SCRAMBLE_SHA1:
case SCRAMBLE_MD5:
if (scramble_crypto6 == SCRAMBLE_SHA1) {
mdlen = SHA_DIGEST_LENGTH;
} else {
mdlen = MD5_DIGEST_LENGTH;
}
// fallthrough
if (!EVP_DigestInit_ex2(mdctx6, md6, NULL) ||
!EVP_DigestUpdate(mdctx6, (u_char*)&b6_in, mdlen) ||
!EVP_DigestFinal_ex(mdctx6, (u_char*)&b6_out, &mdlen)) {
/* Error */
fprintf(stderr, "scramble_ip6(): EVP_Digest* failed");
}
break;
default:
abort();
}
output.s6_addr32[w] |= ((ntohl(b6_out.ip6.s6_addr32[3]) & 1)
<< (31 - i));
m <<= 1;
}
pbits = (pbits >= 32) ? pbits - 32 : 0;
/* pbits >= 32 this means the above for-loop wasn't executed */
output.s6_addr32[w] = htonl(output.s6_addr32[w]) ^ input->s6_addr32[w];
/* restore the word */
b6_in.ip6.s6_addr32[w] = input->s6_addr32[w];
}
*input = output;
}
/* reverse map scrambled IP addresses, all network byte order */
uint32_t
unscramble_ip4(uint32_t input, int pass_bits)
{
int i;
uint32_t guess, res;
guess = input; /* Starting with the input seems
* a good idea because some bits
* may be passed through
* unchanged */
for (i=32; i>0; --i) {
res = scramble_ip4(guess, pass_bits);
/* we're only interested in flipping the
* higher bit, don't care about the rest */
res ^= input;
if (res == 0)
return guess;
guess ^= res;
}
//unreachable, since there should be always a match
//(since we're zeroing out at least one bit per iteration)
assert(0);
return (0xffffffff); /* cannot find the match */
}
/* unscramble ipv6 address in place, in network byte order */
void
unscramble_ip6(struct in6_addr *input, int pass_bits)
{
struct in6_addr guess;
struct in6_addr res;
uint32_t r = 0;
int i;
guess = *input;
for (i = 0; i < 4; ++i) {
for (;;) {
res = guess;
scramble_ip6(&res, pass_bits);
r = res.s6_addr32[i] ^ input->s6_addr32[i];
if (r == 0) break;
guess.s6_addr32[i] ^= r;
}
}
*input = guess;
return;
}

92
src/cryptopANT.h Normal file
View file

@ -0,0 +1,92 @@
/* -*- Mode:C; c-basic-offset:8; tab-width:8; indent-tabs-mode:t -*- */
/*
* Copyright (C) 2004-2024 by the University of Southern California
* $Id: c23494984e1ae44af55668feda8232282c9473d0 $
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License,
* version 2, as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
*
*/
#ifndef _SCRAMBLE_CRYPT_H
#define _SCRAMBLE_CRYPT_H
#ifdef __cplusplus
extern "C" {
#endif
#define ETHER_ADDR_LEN 6
#define ETHER_VLAN_LEN 2
#define _XOR16(a, b, i) (((uint16_t *)(a))[i] ^= ((uint16_t *)(b))[i])
#define _XOR32(a, b, i) (((uint32_t *)(a))[i] ^= ((uint32_t *)(b))[i])
#define SCRAMBLE_ETHER_ADDR(a) if (1) { \
_XOR32(a, scramble_ether_addr, 0); \
_XOR16(a, scramble_ether_addr, 2); \
}
#define SCRAMBLE_ETHER_VLAN(v) ((v) ^= scramble_ether_vlan);
#define SCRAMBLE_RANDOM_DEV "/dev/urandom"
typedef enum {
SCRAMBLE_NONE = 0x00,
SCRAMBLE_MD5 = 0x01,
SCRAMBLE_BLOWFISH = 0x02,
SCRAMBLE_AES = 0x03,
SCRAMBLE_SHA1 = 0x04
} scramble_crypt_t;
typedef struct {
scramble_crypt_t c4;
scramble_crypt_t c6;
u_char *key;
int klen;
u_char *pad;
int plen;
u_char *mac;
int mlen;
u_char *iv;
int ivlen;
} scramble_state_t;
/* external vars exported by mac scrambling macros */
extern uint8_t scramble_ether_addr[ETHER_ADDR_LEN];
extern uint16_t scramble_ether_vlan;
extern int scramble_mac; /* 0/1 */
/* public functions */
extern scramble_crypt_t scramble_crypto_ip4 (void);
extern scramble_crypt_t scramble_crypto_ip6 (void);
extern scramble_crypt_t scramble_name2type (const char *);
extern const char* scramble_type2name (scramble_crypt_t);
extern int scramble_newkey (u_char *, int);
extern int scramble_newpad (u_char *, int);
extern int scramble_newmac (u_char *, int);
extern int scramble_readstate (const char *, scramble_state_t *);
extern int scramble_savestate (const char *, const scramble_state_t *);
extern int scramble_init (const scramble_state_t *s);
extern int scramble_init_from_file (const char *, scramble_crypt_t, scramble_crypt_t, int *);
extern void scramble_cleanup ();
extern uint32_t scramble_ip4 (uint32_t, int);
extern uint32_t unscramble_ip4 (uint32_t, int);
extern void scramble_ip6 (struct in6_addr *, int);
extern void unscramble_ip6 (struct in6_addr *, int);
#ifdef __cplusplus
}
#endif
#endif /* _SCRAMBLE_CRYPT_H */

487
src/scramble_ips.c Normal file
View file

@ -0,0 +1,487 @@
/* -*- Mode:C; c-basic-offset:4; tab-width:8; indent-tabs-mode:t -*- */
/*
* Copyright (C) 2004-2024 by the University of Southern California
* $Id: a91d5228a362749a1ccff71f0fbdc092ac7ebdcc $
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License,
* version 2, as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
*
*/
/* setup environment */
#define _GNU_SOURCE 1
#define _FILE_OFFSET_BITS 64
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <getopt.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <ctype.h>
#include <regex.h> //xxx need to check in autoconf
#include <assert.h>
#include "cryptopANT.h"
//autoconfigured
#include "config.h"
//long options
#define PASS4 256
#define PASS6 257
#define KTYPE 258
#define IPPREFIX 259
#define IPSUFFIX 260
#define IP4MAXLEN 15 //strlen("xxx.xxx.xxx.xxx")
#define IP6MAXLEN 39 //strlen("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx")
#define CBUF_SZ (IP6MAXLEN*2)
#define INITBUFSIZE 4096 //xxx need more space in case text expands due to IP scrambling
#if HAVE__U6_ADDR32
#define s6_addr32 __u6_addr.__u6_addr32
#endif
#if HAVE_REGEX_H
static const char REGEX4[]="((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))";
static const char REGEX6[]="(((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3}))|:)))(%.+)?)";
#endif //HAVE_REGEX_H
static int pass_bits4 = 0;
static int pass_bits6 = 0;
static int reverse_mode = 0;
//buffers for in/out processing
static char *linebuf1 = NULL,*linebuf2 = NULL;
static size_t linebuf1_sz = 0, linebuf2_sz = 0;
static char cbuf[CBUF_SZ];
void
usage(const char *pname) {
fprintf(stderr,
"Read IP addresses from stdin and print scrambled addresses on stdout\n"
"USAGE:\n"
"\t%s [OPTIONS] [-r] key_file\n"
"\tWhere OPTIONS are:\n"
"\t\t--newkey|-G generate a new key key_file\n"
"\t\t--type=TYPE crypto to use for key generation (valid only with --newkey option)\n"
"\t\t supported choices are: blowfish (default), aes, sha1, md5\n"
"\t\t--pass4=<num> pass <num> higher bits of ipv4 addresses through unchanged\n"
"\t\t--pass6=<num> pass <num> higher bits of ipv6 addresses through unchanged\n"
#if HAVE_REGEX_H
"\t\t--ip-prefix=<regex> all ips must be prefixed by this regex prefix (both ipv4 and ipv6)\n"
"\t\t--ip-suffix=<regex> all ips must be followed by this regex suffix (both ipv4 and ipv6)\n"
"\t\t-t text mode: read text from stdin and scramble all addresses\n"
"\t\t that can be found using regex (use with caution)\n"
#endif //HAVE_REGEX_H
"\t\t-r reverse-mode i.e. for unscrambling ip addresses\n"
, pname);
exit(1);
}
int
anon_ip4_txt(const char *oldip, char *newip) {
struct in_addr ip4, ip4s;
if (inet_pton(AF_INET, oldip, &ip4) <= 0) {
fprintf(stderr, "don't understand address (%s)\n", oldip);
#ifdef HAVE_STRLCPY
strlcpy(newip, oldip, INITBUFSIZE);
#else
strcpy(newip, oldip); //copy without changing
#endif
} else {
ip4s.s_addr = (reverse_mode)
? unscramble_ip4(ip4.s_addr, pass_bits4)
: scramble_ip4(ip4.s_addr, pass_bits4);
if (newip != inet_ntop(AF_INET, &ip4s, newip, 256)) {
perror("Error: can't print new address");
exit(1);
}
}
return strlen(newip);
}
int
anon_ip6_txt(const char *oldip, char *newip) {
struct in6_addr ip6;
if (inet_pton(AF_INET6, oldip, &ip6) <= 0) {
fprintf(stderr, "don't understand address (%s)\n", oldip);
#ifdef HAVE_STRLCPY
strlcpy(newip, oldip, INITBUFSIZE);
#else
strcpy(newip, oldip); //copy without changing
#endif
} else {
if (reverse_mode) {
unscramble_ip6(&ip6, pass_bits6);
} else {
scramble_ip6(&ip6, pass_bits6);
}
if (newip != inet_ntop(AF_INET6, &ip6, newip, 256)) {
perror("Error: can't print new address");
exit(1);
}
}
return strlen(newip);
}
//return the pointer in 'in' buffer where processing stopped
const char*
search_replace_ip(const char *in, char *out, const regex_t *r,
int (*anonf)(const char*, char*), size_t *outsz) {
const char *c = in;
char *c2 = out;
regmatch_t re_match[2];
//0th element is the whole thing (including prefix and suffix)
//1st element is the IP address
while (0 == regexec(r, c, 2, re_match, 0)) {
const char *cc=c;
if (re_match[1].rm_so != -1) {
const char *ipbeg = cc + re_match[1].rm_so;
const char *ipend = cc + re_match[1].rm_eo;
size_t copylen = ipbeg - c; //from prev match to this one, pass-thru, including prefix
//copy from c..(beg-1), advance both pointers
while (c2 - out + copylen >= *outsz) {
*outsz *= 2;
out = realloc(out, *outsz);
if (out == NULL) {
fprintf(stderr, "Error: run out of buffer space\n");
exit(1);
}
}
memcpy(c2, c, copylen);
c += copylen;
c2+= copylen;
char hold = *ipend; //store last character, we'll need temporarly replace it with '\0'
*(char*)ipend = '\0';
size_t anoniplen = anonf(c, c2);
*(char*)ipend = hold; //restore
c = ipend;
c2 += anoniplen;
}
}
//copy the rest
size_t copylen = strlen(c) + 1;
while (c2 - out + copylen >= *outsz) {
*outsz *= 2;
out = realloc(out, *outsz);
if (out == NULL) {
fprintf(stderr, "Error: run out of buffer space\n");
exit(1);
}
}
memcpy(c2, c, copylen);
return out;
}
int
main(int argc, char *argv[])
{
FILE *keyfile = NULL;
const char *keyfn = NULL;
const char *pname = argv[0];
int opt;
int text_mode = 0;
int opt_newkey = 0;
char *opt_keytype = NULL;
#if HAVE_REGEX_H
char *opt_ipprefix = NULL;
char *opt_ipsuffix = NULL;
char regex4[4096];
char regex6[4096];
#endif //HAVE_REGEX_H
scramble_crypt_t key_crypto = SCRAMBLE_BLOWFISH;
struct option long_options[] = {
{"newkey",0, NULL, 'G'},
{"help", 0, NULL, 'h'},
{"pass4", 1, NULL, PASS4},
{"pass6", 1, NULL, PASS6},
{"type", 1, NULL, KTYPE},
#if HAVE_REGEX_H
{"text", 0, NULL, 't'},
{"ip-prefix", 1, NULL, IPPREFIX},
{"ip-suffix", 1, NULL, IPSUFFIX},
#endif //HAVE_REGEX_H
};
while((opt = getopt_long(argc, argv,
"Ghr"
#if HAVE_REGEX_H
"t"
#endif //HAVE_REGEX_H
, long_options, NULL)) != EOF) {
switch(opt) {
/* long options first: */
case PASS4:
pass_bits4 = atoi(optarg);
if (pass_bits4 < 0 || pass_bits4 > 32) {
fprintf(stderr, "Error: --pass4 option argument must be within [0..32]\n");
exit(1);
}
break;
case PASS6:
pass_bits6 = atoi(optarg);
if (pass_bits6 < 0 || pass_bits6 > 128) {
fprintf(stderr, "Error: --pass6 option argument must be within [0..128]\n");
exit(1);
}
break;
case KTYPE:
opt_keytype = optarg;
if (strcmp(opt_keytype, "blowfish") == 0) {
key_crypto = SCRAMBLE_BLOWFISH;
} else if (strcmp(opt_keytype, "aes") == 0) {
key_crypto = SCRAMBLE_AES;
} else if (strcmp(opt_keytype, "sha1") == 0) {
key_crypto = SCRAMBLE_SHA1;
} else if (strcmp(opt_keytype, "md5") == 0) {
key_crypto = SCRAMBLE_MD5;
} else {
fprintf(stderr, "Error: unsupported crypto key type: '%s' (can be one of: blowfish, aes, sha1, md5)\n", opt_keytype);
exit(1);
}
break;
#if HAVE_REGEX_H
case IPPREFIX:
opt_ipprefix = optarg;
break;
case IPSUFFIX:
opt_ipsuffix = optarg;
break;
case 't':
text_mode = 1;
break;
#endif //HAVE_REGEX_H
/* short options: */
case 'G':
opt_newkey = 1;
break;
case 'h':
usage(pname);
/* never returns */
break;
case 'r':
reverse_mode = 1;
break;
default:
usage(pname);
}
}
argc -= optind;
argv += optind;
if (argc != 1) {
usage(pname);
}
keyfn = argv[0];
if (opt_newkey && (text_mode || reverse_mode || pass_bits4 || pass_bits6)) {
fprintf(stderr, "Error: --newkey or -G is mutually exclusive with other options.\n");
exit(1);
}
if (opt_keytype && !opt_newkey) {
fprintf(stderr, "Error: --type requires --newkey (-G) option.\n");
exit(1);
}
#if HAVE_REGEX_H
if (!text_mode && (opt_ipprefix != NULL || opt_ipsuffix != NULL)) {
fprintf(stderr, "--ip-prefix and --ipsuffix require text mode (-t).\n");
exit(1);
}
#endif //HAVE_REGEX_H
if ((keyfile = fopen(keyfn, "r")) == NULL) {
if (!opt_newkey) {
/* no keyfile, but supposed to exist */
fprintf(stderr, "Error: cannot open the key_file: '%s': %s\n", keyfn, strerror(errno));
exit(1);
}
} else {
if (opt_newkey) {
/* keyfile exists, but asked to make new one */
fprintf(stderr, "Error: keyfile '%s' already exists, remove it before trying to generate a new one.\n",
keyfn);
exit(1);
}
}
if (keyfile) fclose(keyfile);
if (scramble_init_from_file(keyfn, key_crypto, key_crypto, NULL) < 0) {
fprintf(stderr, "Error: can't initialize from keyfile '%s'\n", keyfn);
exit(1);
}
if (opt_newkey) {
//only generating mode
exit(0);
}
if (!text_mode && setvbuf(stdout, NULL, _IOLBF, 0) < 0) {
fprintf(stderr, "Error: setting line buffering: %s\n", strerror(errno));
exit(1);
}
#if 1 //HAVE_REGEX_H
if (text_mode) {
linebuf1_sz = INITBUFSIZE;
linebuf2_sz = INITBUFSIZE;
linebuf1 = malloc(linebuf1_sz);
linebuf2 = malloc(linebuf2_sz);
memset(regex4, 0, sizeof(regex4));
memset(regex6, 0, sizeof(regex6));
if (opt_ipprefix != NULL) {
strncat(regex4, opt_ipprefix, sizeof(regex4)-1);
strncat(regex6, opt_ipprefix, sizeof(regex6)-1);
}
strncat(regex4, REGEX4, sizeof(regex4)-1);
strncat(regex6, REGEX6, sizeof(regex6)-1);
if (opt_ipsuffix != NULL) {
strncat(regex4, opt_ipsuffix, sizeof(regex4)-1);
strncat(regex6, opt_ipsuffix, sizeof(regex6)-1);
}
if (regex4[sizeof(regex4)-1] != '\0' ||
regex6[sizeof(regex6)-1] != '\0') {
fprintf(stderr, "Error: regex for ip addresses is too long.");
exit(1);
}
regex_t r4, r6;
if (0 != regcomp(&r4, regex4, REG_EXTENDED|REG_NEWLINE))
exit(1);
if (0 != regcomp(&r6, regex6, REG_EXTENDED|REG_NEWLINE))
exit(1);
linebuf1[linebuf1_sz-1]='x'; //anything but zero
//xxx todo: use buffered reading/writing
while (fgets(linebuf1, linebuf1_sz, stdin) != NULL) {
//fgets adds a terminating '\0', reading stops after an EOF or a newline
if (linebuf1[linebuf1_sz-1] == '\0' && linebuf1[linebuf1_sz-2] != '\n') {
//filled the buffer, but no newline; xxx remove newline dependency
fprintf(stderr, "Error: input lines are too long; maximum supported is %zd.\n",
linebuf1_sz-1);
exit(1);
}
//read a full line, can be anonymized in full
linebuf2 = (char*)search_replace_ip(linebuf1, linebuf2, &r4, &anon_ip4_txt, &linebuf2_sz);
linebuf1 = (char*)search_replace_ip(linebuf2, linebuf1, &r6, &anon_ip6_txt, &linebuf1_sz);
//output
fputs(linebuf1, stdout);
}
regfree(&r4);
regfree(&r6);
free(linebuf1);
free(linebuf2);
return 0;
}
#endif
for (;;) {
int af;
int i;
int prefix = 0;
char *plen = NULL;
char *c;
struct in_addr ip4, ip4s;
struct in6_addr ip6, ip6s;
void *new = NULL;
// char *c2;
if (fgets(cbuf, CBUF_SZ, stdin) == NULL)
break;
for (i = strnlen(cbuf, CBUF_SZ-1)-1; i >= 0; --i) {
if (!isgraph(cbuf[i]))
cbuf[i] = '\0';
}
plen = NULL;
/* first see if this is a network */
if (NULL != (c = strchr(cbuf, '/'))) {
/* this is a network */
plen = c + 1;
if (!isdigit(*plen)) {
fprintf(stderr, "can't parse network prefix (%s)\n", cbuf);
continue;
}
*c = '\0';
prefix = atoi(plen);
}
/* first try ipv4 */
af= AF_INET;
if (inet_pton(af, cbuf, &ip4) <= 0) {
/* next try ipv6 */
af= AF_INET6;
if (inet_pton(af, cbuf, &ip6) <= 0) {
fprintf(stderr, "don't understand address (%s)\n", cbuf);
continue;
}
ip6s = ip6;
if (reverse_mode) {
unscramble_ip6(&ip6s, pass_bits6);
} else {
scramble_ip6(&ip6s, pass_bits6);
}
new = &ip6s;
/* if it was a network, zero out host bits */
if (plen && prefix < 128) {
int hostbits = 128 - prefix;
i = 3;
while (hostbits >= 32) {
ip6s.s6_addr32[i] = 0;
--i;
hostbits -= 32;
}
if (hostbits > 0) {
ip6s.s6_addr32[i] = htonl(ntohl(ip6s.s6_addr32[i])
& (0xffffffffUL << hostbits));
}
}
} else {
ip4s.s_addr = (reverse_mode)
? unscramble_ip4(ip4.s_addr, pass_bits4)
: scramble_ip4(ip4.s_addr, pass_bits4);
new = &ip4s;
/* if it was a network, zero out host bits */
if (plen && prefix < 32) {
int hostbits = 32 - prefix;
ip4s.s_addr = ntohl(ip4s.s_addr);
if (hostbits == 32)
ip4s.s_addr = 0;
else
ip4s.s_addr &= 0xffffffffUL << hostbits;
ip4s.s_addr = htonl(ip4s.s_addr);
}
}
if (cbuf != inet_ntop(af, new, cbuf, CBUF_SZ)) {
perror("Error: can't print new address");
exit(1);
}
printf("%s", cbuf);
if (plen)
printf("/%d", prefix);
printf("\n");
}
scramble_cleanup();
return 0;
}

1000
test/ip4s Normal file
View file

File diff suppressed because it is too large Load diff

1000
test/ip4s.anon.aes Normal file
View file

File diff suppressed because it is too large Load diff

1000
test/ip4s.anon.blowfish Normal file
View file

File diff suppressed because it is too large Load diff

1000
test/ip4s.anon.md5 Normal file
View file

File diff suppressed because it is too large Load diff

1000
test/ip4s.anon.sha1 Normal file
View file

File diff suppressed because it is too large Load diff

1000
test/ip6s Normal file
View file

File diff suppressed because it is too large Load diff

1000
test/ip6s.anon.aes Normal file
View file

File diff suppressed because it is too large Load diff

1000
test/ip6s.anon.blowfish Normal file
View file

File diff suppressed because it is too large Load diff

1000
test/ip6s.anon.md5 Normal file
View file

File diff suppressed because it is too large Load diff

1000
test/ip6s.anon.sha1 Normal file
View file

File diff suppressed because it is too large Load diff

1
test/keyfile.aes Normal file
View file

@ -0,0 +1 @@
03:03:86bdbaa5d5a46ef72354297d42eb4e66:48ffc62219372bbf05a28f65d25ccacb1c697e8fd0b108f3fd216ecd765647d1::f0732d8b37ae4c666b4a1a011cf10e79

1
test/keyfile.blowfish Normal file
View file

@ -0,0 +1 @@
02:02:fc308dfe0b0e1013ad495a22dcc99fdb:5edf984b83e96d7b4aec7e02dd3906a3757ec37432941b58b3314d2c674d7899::e969424ec03a2086e8046bb344d9bbb6

1
test/keyfile.md5 Normal file
View file

@ -0,0 +1 @@
01:01:1debb169b5e8d129069d7ce93f5f0260:796dfe4ffa1b3ecda108a4a2903790fa0c7e21558969f3c3f63eca417fccf3b1::09686ecc8d82dae05150015263104f7c

1
test/keyfile.sha1 Normal file
View file

@ -0,0 +1 @@
04:04:55d8f320632073391140940048ebabcf:b26b1606c8efd2f8a4aa6e9d0af62cfb1196e6f655133197a6f51588ae336636::81cc51d43231d6cdb6b59904b6aa481e